An integrated data exfiltration monitoring tool for a large organization with highly confidential data source

Author

Suresh, Nitha Rachel ; Malhotra, Nikhil ; Kumar, Rohit ; Thanudas, B.

Author_Institution

Inf. Security & Comput. Forensics, SRM Univ., Chennai, India

fYear

2012

fDate

12-13 Sept. 2012

Firstpage

149

Lastpage

153

Abstract

Data security in a highly confidential large network is of paramount importance. Confidential data networks belonging to secret agencies and government organizations are common targets for data exfiltration. This has become a growing concern in such networks. Present day intrusion detection and prevention systems and firewalls cannot possibly prevent an insider exfiltrating vital data for ulterior purposes. Hence developing an exfiltration detection tool that exclusively detects data exfiltration is of much importance. In this paper, we present an integrated monitoring tool that detects data exfiltration. This tool employs twofold approach in detecting exfiltration 1) Profiling traffic - in/out correlation 2) Estimating FTP Server access.

Keywords

computer network security; data integration; government data processing; network servers; organisational aspects; telecommunication traffic; FTP server access estimation; confidential data networks; confidential data source; confidential large network; data security; government organizations; in-out correlation; insider attack; integrated data exfiltration monitoring tool; secret agencies; traffic profiling; Computer science; Correlation; Data mining; Educational institutions; Monitoring; Security; Servers; Anomaly; Correlation; Data Exfiltration; Insider attack; Monitoring tool;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Science and Electronic Engineering Conference (CEEC), 2012 4th

Conference_Location

Colchester

Print_ISBN

978-1-4673-2665-0

Type

conf

DOI

10.1109/CEEC.2012.6375395

Filename

6375395