DATA LEAKAGE PREVENTION AND DETECTION IN DIGITAL CONFIGURATIONS: A SURVEY
DOI:
https://doi.org/10.17770/etr2024vol2.8045
Keywords:
data, leakage, prevention, security
Abstract
As a result of the development of information and communication technologies (ICT) and the Internet, electronic interaction at all levels in organizations and the use of various electronic services have become part of our everyday life. The past few decades have been characterized by tremendous growth in the amount of data generated. At the same time, digital data are subject to malicious and accidental threats due to vulnerabilities in the protection of information systems. Unauthorized access, malware, zero-day attacks, data leakage, denial of service (DoS), and phishing have increased exponentially in recent years. Data leakage occurs when sensitive data and confidential information are revealed to unauthorized parties. Data leakage is one of the main targets of any insider threat. Over the last few years, the challenge of dealing with insider threats has been recognized and various methods have been proposed to address such problems. Therefore, most proposed internal threat detection methods work towards data leakage prevention (DLP).
This paper addresses data leakage prevention and detection (DLPD) as one of the most critical cybersecurity issues today. The DLP techniques and technologies in use are explored briefly. As the study aims to reveal the scientific interest in the DLP domain, we tried to provide a comprehensive overview of academic publications. Finally, the paper focuses on what drives the DLP domain and on the challenges and opportunities that digital configurations face in the context of data flow monitoring, prevention and detection.
License
Copyright (c) 2024 Svetlana Syarova, Stefka Toleva - Stoimenova, Alexander Kirkov, Samuel Petkov, Krasimir Traykov
This work is licensed under a Creative Commons Attribution 4.0 International License.