...
  • 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>Journal of network and computer applications >Using malware for the greater good: Mitigating data leakage
【24h】

Using malware for the greater good: Mitigating data leakage

机译:使用恶意软件带来更大好处:减少数据泄漏

获取原文
获取原文并翻译 | 示例
   

获取外文期刊封面封底 >>

       
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Accidental (i.e., non-malicious) data leakage can occur through emails, storage media, file-sharing services, social networks, and so on, and are one of the most commonly reported threats. We present DocGuard, a novel method designed to counter accidental data leakage. Unlike existing solutions, DocGuard is effective even when a file has already leaked out of the organization's network. However, our approach does not require additional installation or software update, outside the organizational network, and it supports virtually any type of file (e.g., binaries, source-code, documents and media). Specifically, the key idea is to let existing anti-malware/anti-virus (AV) products (at the user PCs, cloud services, ISPs and e-mail gateways) identify the leaked file and block access to the identified file, in the same manner the AV product stops the propagation of an identified malware. DocGuard injects a hidden signature associated with a known malware to sensitive files. If the files are somehow leaked out of the organization's boundaries, an AV, either on the user's PC or at the network, will detect it as a real threat and immediately delete or quarantine it before it can be accessed and shared further. We implement DocGuard and evaluate it on various file types including documents, spreadsheets, presentations, images, executable binaries and textual source code. Our evaluations include different leakage paths such as e-mails, file-sharing and cloud services, social networks and physical media. The evaluation results have demonstrated almost 100% effectiveness in stopping the leakage at its initial phases. In order to evaluate DocGuard at a larger scale, we simulate a leakage scenario over the topology of real social networks. Our results show that DocGuard is highly effective not only for stopping the initial leak but also in preventing the propagation of leaked files over the Internet and though social networks.
机译:偶然的(即非恶意的)数据泄漏可能通过电子邮件,存储介质,文件共享服务,社交网络等发生,并且是最常报告的威胁之一。我们介绍DocGuard,这是一种旨在应对意外数据泄漏的新颖方法。与现有解决方案不同,即使文件已经从组织的网络中泄漏出去,DocGuard仍然有效。但是,我们的方法不需要在组织网络外部进行额外的安装或软件更新,它实际上支持任何类型的文件(例如,二进制文件,源代码,文档和媒体)。具体而言,关键思想是让现有的反恶意软件/防病毒(AV)产品(在用户PC,云服务,ISP和电子邮件网关处)识别泄漏的文件并阻止对已识别文件的访问。 AV产品以相同的方式阻止已识别恶意软件的传播。 DocGuard会将与已知恶意软件关联的隐藏签名注入敏感文件。如果文件以某种方式泄露到组织范围之外,则用户PC或网络上的AV会将其检测为真正的威胁,并立即将其删除或隔离,然后再进行访问和共享。我们实施DocGuard并评估各种文件类型,包括文档,电子表格,演示文稿,图像,可执行二进制文件和文本源代码。我们的评估包括不同的泄漏路径,例如电子邮件,文件共享和云服务,社交网络和物理媒体。评估结果表明,在初始阶段阻止泄漏的有效性几乎达到100%。为了更大规模地评估DocGuard,我们在真实社交网络的拓扑上模拟了泄漏情况。我们的结果表明,DocGuard不仅对阻止最初的泄漏非常有效,而且还可以防止泄漏的文件通过Internet和社交网络传播。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号