Data leakage detection using system call provenance

Abir Awad, Sara Kadry, Guraraj Maddodi, Saul Gill, Brian Lee

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, peer-review

14 Citations (Scopus)

Abstract

Data leakage has become a problem of epidemic proportions with very serious consequences for businesses and their customers. Experts warn that it is very difficult for organisations to avoid infiltration and that they should be prepared for such events. Proactive detection of ongoing attacks is therefore critically important. In this paper we describe the design and implementation of Peeper, a policy-based system for data leakage detection that utilizes operating system call provenance. The implementation of our scheme shows that it enables real-time detection of data leakage. It tracks the operations performed on sensitive files and issues alerts if suspicious activities are detected.

Original language: English
Title of host publication: Proceedings - 2016 International Conference on Intelligent Networking and Collaborative Systems, IEEE INCoS 2016
Editors: Fatos Xhafa, Ivan Zelinka, Leonard Barolli, Vaclav Snasel
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 486-491
Number of pages: 6
ISBN (Electronic): 9781509041237
Publication status: Published - 25 Oct 2016
Event: 8th International Conference on Intelligent Networking and Collaborative Systems, IEEE INCoS 2016 - Ostrava, Czech Republic
Duration: 7 Sep 2016 to 9 Sep 2016

Publication series

Name: Proceedings - 2016 International Conference on Intelligent Networking and Collaborative Systems, IEEE INCoS 2016

Conference

Conference: 8th International Conference on Intelligent Networking and Collaborative Systems, IEEE INCoS 2016
Country/Territory: Czech Republic
City: Ostrava
Period: 7/09/16 to 9/09/16

Keywords

  • Advanced Persistent Threat
  • Cloud computing
  • Data exfiltration detection
  • Data leakage
  • Provenance
