2018
DOI: 10.1016/j.jnca.2017.10.016

Data exfiltration: A review of external attack vectors and countermeasures

Abstract: Context: One of the main targets of cyber-attacks is data exfiltration, which is the leakage of sensitive or private data to an unauthorized entity. Data exfiltration can be perpetrated by an outsider or an insider of an organization. Given the increasing number of data exfiltration incidents, a large number of data exfiltration countermeasures have been developed. These countermeasures aim to detect, prevent, or investigate exfiltration of sensitive or private data. With the growing interest in data exfiltrat…

citations
Cited by 103 publications
(56 citation statements)
references
References 143 publications
(300 reference statements)
“…• Volume of outbound traffic. Unusual increase in outgoing traffic could be a sign of data exfiltration [66]. Organisations have a responsibility to protect their sensitive data and any breach is likely to attract attention from the government bodies with responsibilities for enforcing the data protection laws such as GDPR.…”
Section: A Indicators Of Compromise Based Metrics (Ioc) | mentioning
confidence: 99%
“…This section discusses the surveys and review articles on insider threats. Only a few papers were found, i.e., [6][7][8][9][10][11][12][13][14][15][16]. Walker-Roberts et al [6] conducted a systematic review on insider threat detection; however, the scope of the review focused only on insider threats in healthcare critical infrastructures.…”
Section: Related Studies | mentioning
confidence: 99%
“…In the context of security analytics, privacy assurance is quite critical because a number of security analytic systems capture, store, and process packet payload, which contains personal data of users. For example, one of the reviewed papers, i.e., [S17], employs a technique called content inspection [43], which in addition to the header information, also captures, stores, and processes the payload of network packets. According to the European data laws and regulations [44], it is not allowed to store and process the packet payload without the relevant users' consent.…”
Section: 18% | mentioning
confidence: 99%