Towards reducing the data exfiltration surface for the insider threat

Bob G. Schlicher, Lawrence P. MacIntyre, Robert K. Abercrombie

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

7 Scopus citations

Abstract

Unauthorized data exfiltrations from both insiders and outsiders are costly and damaging. Network communication resources can be used for transporting data illicitly out of the enterprise or cloud. Combined with built-in malware copying utilities, we define this set of tools as comprising the Data Exfiltration Surface (DXS). For securing valuable data, it is desirable to reduce the DXS and maintain controls on the egress points. Our approach is to host the data in a protected enclave that includes novel Software Data Diode (SDD) installed on a secured, border gateway. The SDD allows copying data into the enclave systems but denies data from being copied out. Simultaneously, it permits remote access with remote desktop and console applications. Our tests demonstrate that we are able to effectively reduce the DXS and we are able to protect data from being exfiltrated through the use of the SDD.

Original languageEnglish
Title of host publicationProceedings of the 49th Annual Hawaii International Conference on System Sciences, HICSS 2016
EditorsRalph H. Sprague, Tung X. Bui
PublisherIEEE Computer Society
Pages2749-2758
Number of pages10
ISBN (Electronic)9780769556703
DOIs
StatePublished - Mar 7 2016
Event49th Annual Hawaii International Conference on System Sciences, HICSS 2016 - Koloa, United States
Duration: Jan 5 2016Jan 8 2016

Publication series

NameProceedings of the Annual Hawaii International Conference on System Sciences
Volume2016-March
ISSN (Print)1530-1605

Conference

Conference49th Annual Hawaii International Conference on System Sciences, HICSS 2016
Country/TerritoryUnited States
CityKoloa
Period01/5/1601/8/16

Keywords

  • Data Exfiltration
  • Data Exfiltration Surface
  • Insider Threat
  • Software Data Diode

Fingerprint

Dive into the research topics of 'Towards reducing the data exfiltration surface for the insider threat'. Together they form a unique fingerprint.

Cite this