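% Jewell and Beaver, ICIW 2011: host-based detection of data exfiltration
% from system call sequences (conference paper, pp. 134--142).
% The conference name is carried by booktitle (and repeated in note); the
% series field is left out because it is meant for a named publication
% series, and filling it with the conference name prints the venue twice.
@inproceedings{98f226e2607946f1a171b0eea0a2b121,
  author    = {Jewell, Brian and Beaver, Justin},
  title     = {Host-based data exfiltration detection via system call sequences},
  booktitle = {6th International Conference on Information Warfare and Security, {ICIW} 2011},
  publisher = {Academic Conferences Ltd},
  year      = {2011},
  pages     = {134--142},
  isbn      = {9781622766758},
  language  = {English},
  keywords  = {Data exfiltration, Data security, Intrusion detection},
  abstract  = {The host-based detection of malicious data exfiltration activities is currently a sparse area of research and mostly limited to methods that analyze network traffic or signature-based detection methods that target specific processes. In this paper we explore an alternative method to host-based detection that exploits sequences of system calls and new collection methods that allow us to catch these activities in real time. We show that system call sequences can be found to reach a steady state across processes and users, and explore the viability of new methods as heuristics for profiling user behaviors.},
  note      = {6th International Conference on Information Warfare and Security, ICIW 2011 ; Conference date: 17-03-2011 Through 18-03-2011},
}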