Share Email Print
cover

Proceedings Paper

Data exfiltration and covert channels
Author(s): Annarita Giani; Vincent H. Berk; George V. Cybenko
Format Member Price Non-Member Price
PDF $14.40 $18.00

Paper Abstract

Within an organization, the possibility of a confidential information leak ranks among the highest fears of any executive. Detecting information leaks is a challenging problem, since most organizations depend on a broad and diverse communications network. It is not always straightforward to conclude which information is leaving the organization legitimately, and which communications are malicious data exfiltrations. Sometimes it is not even possible to tell that a communication is occurring at all. The set of all possible exfiltration methods contains, at a minimum, the set of all possible information communication methods, and possibly more. This article cannot possibly cover all such methods; however, several notable examples are given, and a taxonomy of data exfiltration is developed. Such a taxonomy cannot ever be exhaustive, but at the very least can offer a framework for organizing methods and developing defenses.

Paper Details

Date Published: 10 May 2006
PDF: 11 pages
Proc. SPIE 6201, Sensors, and Command, Control, Communications, and Intelligence (C3I) Technologies for Homeland Security and Homeland Defense V, 620103 (10 May 2006); doi: 10.1117/12.670123
Show Author Affiliations
Annarita Giani, Dartmouth College (United States)
Vincent H. Berk, Dartmouth College (United States)
George V. Cybenko, Dartmouth College (United States)


Published in SPIE Proceedings Vol. 6201:
Sensors, and Command, Control, Communications, and Intelligence (C3I) Technologies for Homeland Security and Homeland Defense V
Edward M. Carapezza, Editor(s)

© SPIE. Terms of Use
Back to Top