Data Exfiltration: Preventive and Detective Countermeasures

Lal, Anushka; Prasad, Ankit; Kumar, Ankit; Kumar, Shailender

doi:10.2139/ssrn.4031852

Cited by 2 publications

(1 citation statement)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Exfiltration is the cybersecurity term for the opposite of infiltration (i.e., breaking into a protected environment). Exfiltration occurs when a data thief transfers data from the possession of its owner to a party who is not ethically and/or legally authorized to possess it [10]. Unlike image-based steganography, there is rarely a legitimate need to hide data in network packets.…”

Section: Introductionmentioning

confidence: 99%

Performance Impact of Header-Based Network Steganographic Countermeasures

Flowers

2022

IEEE Access

View full text Add to dashboard Cite

Cybersecurity executives, engineers, and decision-makers should not presume effective network steganographic countermeasures come at the cost of performance. A performance assessment of network steganographic countermeasures during an experimental data exfiltration attack revealed a negligible influence on latency. Despite the advanced nature of the attack, preventative controls did not degrade packet round-trip times to a statistically significant degree. During the experiment, synthetic credit card numbers were exfiltrated at a rate equivalent to (US)$74,702 per second. The measured round trip time between a covert transmitting host and covert receiving host was nearly identical regardless of whether interventions were active or inactive. The de minimis effect suggests similar preventative controls in an enterprise environment would not have an adverse effect on large volumes of business network traffic in the presence of an actual attack.

show abstract

Section: Introductionmentioning

confidence: 99%