A Mantrap-Inspired, User-Centric Data Leakage Prevention (DLP) Approach

The ease of sharing information through the Internet and Cloud Computing inadvertently introduces a growing problem of data leakages. At the same time, many end-users are unaware that their data was leaked or stolen since most data is leaked by operations running in the background. This paper introduces a novel user-centric, mantrap-inspired data leakage prevention (DLP) approach that can discover, present any sending of data -- both authorized and unauthorized -- to end-users and subsequently provide them the ability to stop the sending process. We implemented our own kernel module to work together with our user-space program in getting user´s approval for every sending process -- giving the user full control over all outbound data sending process in their devices. With this, the end-user can always decide which data sending process should be allowed or blocked. This overcomes the limitations of current, often inflexible and inaccurate DLP solutions depending on pre-set rules and content detection. We showcase a proof-of-concept for our new way of detecting data leakages in an end user´s device. This paves the way for further research covering more complex data stealing techniques, such as the use of covert channels.