Insider Threat Control: Using Plagiarism Detection Algorithms to Prevent Data Exfiltration in Near Real Time

Abstract

In organizations with access to the internet, the potential for data leakage is ever present. Data loss prevention is a difficult issue because exfiltration channels, such as modern webmail services, are readily available to insiders. An insider can paste text into a webmail message to bypass other controls. Therefore, monitoring must include the content of this communication. A data loss prevention control determines if the content in outgoing web requests is similar to the organization's intellectual property, actively blocks suspicious requests, and logs these events. This technical note describes how a control can monitor web request traffic for text-based data exfiltration attempts and block them in real time. Using this control can help an organization protect text-based intellectual property, including source code repositories.

Document Details

Document Type
Technical Report
Publication Date
Oct 01, 2013
Accession Number
ADA610372

Entities

People

  • Daniel F. Costa
  • George J. Silowash
  • Todd Lewellen

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Computer Programming
  • Computer Programs
  • Computers
  • Cybersecurity
  • Data Exfiltration
  • Department Of Homeland Security
  • Detection
  • Electronic Mail
  • Information Systems
  • Insider Threats
  • Intellectual Property
  • Law
  • Operating Systems
  • Security
  • Software Development
  • Web Browsers
  • Word Processors

Fields of Study

  • Computer science

Readers

  • Agent-Based Social Robotics and Mobile-Assisted Learning in Virtual Environments.
  • Computer Science/Computer Engineering/Data Science/Digital Signal Processing.
  • Cybersecurity.