On the detection of pod slurping attacks

Kavallaris, Theodoros; Katos, Vasilios

doi:10.1016/j.cose.2010.01.002

Cited by 3 publications

(2 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Kavallaris and Katos [168] use a similar methodology to defend against pod-slurping attacks, where data has been covertly copied to a USB device. They base their method on the access timestamps of files and the file transfer rates of devices, demonstrating that, with specific countermeasures, host systems storing confidential data can not only detect but protect themselves against duplication to unauthorised devices.…”

Section: Probabilistic Forensicsmentioning

confidence: 99%

“…Grier [166] In use A method to find out whether a file has been copied or not based on examination of file system. Patel & Singh [167] In use A technique for providing ease in differentiating between copy operation and rest of the operations Kavallaris & Katos [168] In use An approach for preventing data being copied to an un-authorized USB device Papadimitriou & Garcia-Molina [169] In use A model for identification of guilty trusted party who has leaked data Wang et al [170] In use A technique based on probabilistic analysis to identify the insider who leaked data Kumar et al [171] In use An approach for smart data allocation which helps in tracing the data leaker Krishnan et al [172] In use An approach for post-exfiltration analysis to identify what, when and how based on reconstruction of events using logged data from the hypervisor Yu et al [173] In use A technique for identification of the path used for exfiltration of data using statistical analysis Xu et al [174] In use A technique based on probabilistic analysis to identify path and responsible party for data leakage Counter-Intelligence Operation Deng et al [177] In use An approach for tracing the traitor who illegally distribute access credentials of a cloud application Ikegami & Yamauch [175] In use An approach that detects, prevents and tracks the attacker Alexander et al [176] In use A technique for hiding detective and investigative software from the attacker using rootkit Fig. 13 shows the mapping of the attack vectors identified in section 3 onto the countermeasures reported in section 4.3.…”

Section: Probabilistic Forensicsmentioning

confidence: 99%

See 1 more Smart Citation

Data exfiltration: A review of external attack vectors and countermeasures

Ullah

Edwards

Ramdhany

et al. 2018

Journal of Network and Computer Applications

104

View full text Add to dashboard Cite

Context: One of the main targets of cyber-attacks is data exfiltration, which is the leakage of sensitive or private data to an unauthorized entity. Data exfiltration can be perpetrated by an outsider or an insider of an organization. Given the increasing number of data exfiltration incidents, a large number of data exfiltration countermeasures have been developed. These countermeasures aim to detect, prevent, or investigate exfiltration of sensitive or private data. With the growing interest in data exfiltration, it is important to review data exfiltration attack vectors and countermeasures to support future research in this field. Objective: This paper is aimed at identifying and critically analysing data exfiltration attack vectors and countermeasures for reporting the status of the art and determining gaps for future research. Method: We have followed a structured process for selecting 108 papers from seven publication databases. Thematic analysis method has been applied to analyse the extracted data from the reviewed papers. Results: We have developed a classification of (1) data exfiltration attack vectors used by external attackers and (2) the countermeasures in the face of external attacks. We have mapped the countermeasures to attack vectors. Furthermore, we have explored the applicability of various countermeasures for different states of data (i.e., in use, in transit, or at rest). Conclusion: This review has revealed that (a) most of the state of the art is focussed on preventive and detective countermeasures and significant research is required on developing investigative countermeasures that are equally important; (b) Several data exfiltration countermeasures are not able to respond in real-time, which specifies that research efforts need to be invested to enable them to respond in real-time (c) A number of data exfiltration countermeasures do not take privacy and ethical concerns into consideration, which may become an obstacle in their full adoption (d) Existing research is primarily focussed on protecting data in 'in use' state, therefore, future research needs to be directed towards securing data in 'in rest' and 'in transit' states (e) There is no standard or framework for evaluation of data exfiltration countermeasures. We assert the need for developing such an evaluation framework.

show abstract

Section: Probabilistic Forensicsmentioning

confidence: 99%

Section: Probabilistic Forensicsmentioning

confidence: 99%

Data exfiltration: A review of external attack vectors and countermeasures

Ullah

Edwards

Ramdhany

et al. 2018

Journal of Network and Computer Applications

104

View full text Add to dashboard Cite

show abstract

Towards A Systemic Framework for Digital Forensic Readiness

Elyas

Maynard

Ahmad

et al. 2014

Journal of Computer Information Systems

View full text Add to dashboard Cite

A Survey on Digital Forensics Trends

Dehghantanha¹,

Damshenas²

2014

IJCSDF

View full text Add to dashboard Cite

Digital forensic has evolved from addressing minor computer crimes to investigation of complex international cases with massive effect on the world. This paper studies the evolution of the digital forensic; its origins, its current position and its future directions. This paper sets the scene with exploring past literature on digital forensic approaches followed by the assessment and analysis of current state of art in both industrial and academic digital forensics research. The obtained results are compared and analyzed to provide a comprehensive view of the current digital forensics landscape. Furthermore, this paper highlights critical digital forensic issues that are being overlooked and not being addressed as deserved. The paper finally concludes with offering future research directions in this area.

show abstract

On the detection of pod slurping attacks

Cited by 3 publications

References 12 publications

Data exfiltration: A review of external attack vectors and countermeasures

Data exfiltration: A review of external attack vectors and countermeasures

Towards A Systemic Framework for Digital Forensic Readiness

A Survey on Digital Forensics Trends

Contact Info

Product

Resources

About