Data Exfiltration Threats and Prevention Techniques

Name: Data Exfiltration Threats and Prevention Techniques | Machine Learning and Memory-Based Data Security
Brand: Wiley-IEEE Press
Price: 124.5 EUR
Availability: BackOrder

Machine Learning and Memory-Based Data Security

Zahir Tari Nasrin Sohrabi Yasaman Samadi Jakapan Suaboot(Autor*in)

Wiley-IEEE Press

1. Auflage

Erschienen am 23. Mai 2023

Buch

Hardcover

288 Seiten

978-1-119-89887-0 (ISBN)

124,50 €inkl. 7% MwSt.

Versand in 15-20 Tagen

Beschreibung

DATA EXFILTRATION THREATS AND PREVENTION TECHNIQUES Comprehensive resource covering threat prevention techniques for data exfiltration and applying machine learning applications to aid in identification and prevention

Data Exfiltration Threats and Prevention Techniques provides readers the knowledge needed to prevent and protect from malware attacks by introducing existing and recently developed methods in malware protection using AI, memory forensic, and pattern matching, presenting various data exfiltration attack vectors and advanced memory-based data leakage detection, and discussing ways in which machine learning methods have a positive impact on malware detection.

Providing detailed descriptions of the recent advances in data exfiltration detection methods and technologies, the authors also discuss details of data breach countermeasures and attack scenarios to show how the reader may identify a potential cyber attack in the real world.

Composed of eight chapters, this book presents a better understanding of the core issues related to the cyber-attacks as well as the recent methods that have been developed in the field.

In Data Exfiltration Threats and Prevention Techniques, readers can expect to find detailed information on:

Sensitive data classification, covering text pre-processing, supervised text classification, automated text clustering, and other sensitive text detection approaches
Supervised machine learning technologies for intrusion detection systems, covering taxonomy and benchmarking of supervised machine learning techniques
Behavior-based malware detection using API-call sequences, covering API-call extraction techniques and detecting data stealing behavior based on API-call sequences
Memory-based sensitive data monitoring for real-time data exfiltration detection and advanced time delay data exfiltration attack and detection

Aimed at professionals and students alike, Data Exfiltration Threats and Prevention Techniques highlights a range of machine learning methods that can be used to detect potential data theft and identifies research gaps and the potential to make change in the future as technology continues to grow.

DATA EXFILTRATION THREATS AND PREVENTION TECHNIQUES

Comprehensive resource covering threat prevention techniques for data exfiltration and applying machine learning applications to aid in identification and prevention

Data Exfiltration Threats and Prevention Techniques provides readers the knowledge needed to prevent and protect from malware attacks by introducing existing and recently developed methods in malware protection using AI, memory forensic, and pattern matching, presenting various data exfiltration attack vectors and advanced memory-based data leakage detection, and discussing ways in which machine learning methods have a positive impact on malware detection.

Providing detailed descriptions of the recent advances in data exfiltration detection methods and technologies, the authors also discuss details of data breach countermeasures and attack scenarios to show how the reader may identify a potential cyber attack in the real world.

Composed of eight chapters, this book presents a better understanding of the core issues related to the cyber-attacks as well as the recent methods that have been developed in the field.

In Data Exfiltration Threats and Prevention Techniques, readers can expect to find detailed information on:

<ul><li>Sensitive data classification, covering text pre-processing, supervised text classification, automated text clustering, and other sensitive text detection approaches</li><li>Supervised machine learning technologies for intrusion detection systems, covering taxonomy and benchmarking of supervised machine learning techniques</li><li>Behavior-based malware detection using API-call sequences, covering API-call extraction techniques and detecting data stealing behavior based on API-call sequences</li><li>Memory-based sensitive data monitoring for real-time data exfiltration detection and advanced time delay data exfiltration attack and detection</li></ul>

Aimed at professionals and students alike, Data Exfiltration Threats and Prevention Techniques highlights a range of machine learning methods that can be used to detect potential data theft and identifies research gaps and the potential to make change in the future as technology continues to grow.

Weitere Details

Weitere Ausgaben

Personen

Zahir Tari is Professor at RMIT and Research Director of the RMIT Centre of Cyber Security Research and Innovation.

Nasrin Sohrabi received a PhD in Computer Science from RMIT University, Australia. She is a Postdoctoral Research Fellow in Cloud, Systems and Security discipline, School of Computing Technologies, RMIT University and a core member of the RMIT Centre of Cyber Security Research and Innovation (CCSRI). She has several publications in highly ranked conferences and journals, including ICDE, IEEE Transactions on Services Computings, ACM Computing surveys, IEEE Transactions on Transportation systems, IEEE Transactions on Smart Grids.

Yasaman Samadi is a PhD student in Computer Science at RMIT University, Australia and a researcher in Quantum Cybersecurity. Yasaman has a Master's in Computer Architecture and worked as a quantum engineer at QBee.

Jakapan Suaboot received his PhD in Cybersecurity from RMIT, Australia. He previously worked as a Lecturer for the Department of Computer Engineering from Prince of Songkla University, Phuket, Thailand.

Zahir Tari is Professor at RMIT and Research Director of the RMIT Centre of Cyber Security Research and Innovation.

Nasrin Sohrabi received a PhD in Computer Science from RMIT University, Australia. She is a Postdoctoral Research Fellow in Cloud, Systems and Security discipline, School of Computing Technologies, RMIT University and a core member of the RMIT Centre of Cyber Security Research and Innovation (CCSRI). She has several publications in highly ranked conferences and journals, including ICDE, IEEE Transactions on Services Computings, ACM Computing surveys, IEEE Transactions on Transportation systems, IEEE Transactions on Smart Grids.

Yasaman Samadi is a PhD student in Computer Science at RMIT University, Australia and a researcher in Quantum Cybersecurity. Yasaman has a Master's in Computer Architecture and worked as a quantum engineer at QBee.

Jakapan Suaboot received his PhD in Cybersecurity from RMIT, Australia. He previously worked as a Lecturer for the Department of Computer Engineering from Prince of Songkla University, Phuket, Thailand.

Autor*in

Zahir Tari

The Royal Melbourne Institute of Technology, Australia

Nasrin Sohrabi

The Royal Melbourne Institute of Technology, Australia

Yasaman Samadi

The Royal Melbourne Institute of Technology, Australia

Jakapan Suaboot

Prince of Songkla University, Phuket, Thailand

Inhalt

Acknowledgments ix

Acronyms xi

1 Introduction 5

1.1 Data Exfiltration Methods . . . . . . . . . . . . . . . . . . . . . 9

1.2 Important Questions . . . . . . . . . . . . . . . . . . . . . . . . . 14

1.3 Book Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

1.4 Book Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

1.5 Book Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

2 Background 29

2.1 Hidden Markov Model . . . . . . . . . . . . . . . . . . . . . . . . 29

2.2 Memory Forensics . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

2.3 Bag-of-Words Model . . . . . . . . . . . . . . . . . . . . . . . . . 42

2.4 Sparse Distributed Representation . . . . . . . . . . . . . . . . . 43

2.5 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

3 Data Security Threats 47

3.1 Data Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

3.2 Security vs. Protection vs. Privacy . . . . . . . . . . . . . . . . . 53

3.3 Advanced Persistent Threats Attacks . . . . . . . . . . . . . . . 54

3.4 Cybersecurity Threats . . . . . . . . . . . . . . . . . . . . . . . . 58

3.5 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89

4 Use Cases Data Leakage Attacks 91

4.1 Most Significant Attacks . . . . . . . . . . . . . . . . . . . . . . . 91

4.2 Top Infection Vectors . . . . . . . . . . . . . . . . . . . . . . . . . 98

4.3 Top Threats of Recent Years . . . . . . . . . . . . . . . . . . . . 101

4.4 Malware Development Trends . . . . . . . . . . . . . . . . . . . . 103

4.5 Geographic Trends . . . . . . . . . . . . . . . . . . . . . . . . . . 108

4.6 Industry Trends . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114

4.7 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116

5 Survey on Building Block Technologies 117

5.1 Motivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118

5.2 Background . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123

5.3 Taxonomy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137

5.4 Supervised Learning Methods . . . . . . . . . . . . . . . . . . . . 140

5.5 Systematic Literature Review . . . . . . . . . . . . . . . . . . . . 155

5.6 Evaluation of Supervised Learning Methods . . . . . . . . . . . . 156

5.7 Key Open Problems . . . . . . . . . . . . . . . . . . . . . . . . . 175

5.8 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178

6 Behavior-based Data Exfiltration Detection 179

6.1 Motivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180

6.2 Existing Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . 183

6.3 Sub-Curve HMM Method . . . . . . . . . . . . . . . . . . . . . . 190

6.4 Evaluation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206

6.5 Experimental Results . . . . . . . . . . . . . . . . . . . . . . . . . 214

6.6 Discussion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223

6.7 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227

7 Memory-based Data Exfiltration Detection 229

7.1 Motivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230

7.2 Existing Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . 233

7.3 Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 237

7.4 Fast lookup Bag-of-Words (FBoW) . . . . . . . . . . . . . . . . 244

7.5 Evaluation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256

7.6 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278

8 Temporal-based Data Exfiltration Detection 281

8.1 Motivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 281

8.2 Existing Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . 285

8.3 Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287

8.4 Temporary Memory Bag-of-Words (TMBoW) . . . . . . . . . . 293

8.5 Experimental Results . . . . . . . . . . . . . . . . . . . . . . . . . 301

8.6 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314

9 Conclusion 317

Inhalt (PDF)

Als PDF speichern Als Link merken