Data leakage detection using system call provenance

Abir Awad, Sara Kadry, Guraraj Maddodi, Saul Gill, Brian Lee

    Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, peer-review

    14 Citations (Scopus)

    Abstract

    Data leakage has become a problem of epidemic proportions with very serious consequences for businesses and their customers. Experts warn that it is very difficult for organisations to avoid infiltration and that they should be prepared for such events. Proactive detection of ongoing attacks is therefore critically important. In this paper we describe the design and implementation of Peeper, a policy-based system for data leakage detection that utilizes operating system call provenance. The implementation of our scheme shows that it enables real-time detection of data leakage. It tracks the operations performed on sensitive files and issues alerts if suspicious activities are detected.

    Original language: English
    Title of host publication: Proceedings - 2016 International Conference on Intelligent Networking and Collaborative Systems, IEEE INCoS 2016
    Editors: Fatos Xhafa, Ivan Zelinka, Leonard Barolli, Vaclav Snasel
    Publisher: Institute of Electrical and Electronics Engineers Inc.
    Pages: 486-491
    Number of pages: 6
    ISBN (Electronic): 9781509041237
    Publication status: Published - 25 Oct 2016
    Event: 8th International Conference on Intelligent Networking and Collaborative Systems, IEEE INCoS 2016 - Ostrava, Czech Republic
    Duration: 7 Sep 2016 to 9 Sep 2016

    Publication series

    Name: Proceedings - 2016 International Conference on Intelligent Networking and Collaborative Systems, IEEE INCoS 2016

    Conference

    Conference: 8th International Conference on Intelligent Networking and Collaborative Systems, IEEE INCoS 2016
    Country/Territory: Czech Republic
    City: Ostrava
    Period: 7/09/16 to 9/09/16

    Keywords

    • Advanced Persistent Threat
    • Cloud computing
    • Data exfiltration detection
    • Data leakage
    • Provenance
