Data Exfiltration Threats and Prevention Techniques: Machine Learning and Memory-Based Data Security

by ; ; ;
  • ISBN13: 9781119898870
  • ISBN10: 1119898870

  • Edition: 1st
  • Format: Hardcover
  • Copyright: 2023-06-07
  • Publisher: Wiley-IEEE Press

Summary

DATA EXFILTRATION THREATS AND PREVENTION TECHNIQUES

Comprehensive resource covering threat prevention techniques for data exfiltration and applying machine learning applications to aid in identification and prevention

Data Exfiltration Threats and Prevention Techniques provides readers the knowledge needed to prevent and protect against malware attacks by introducing existing and recently developed methods in malware protection using AI, memory forensics, and pattern matching, presenting various data exfiltration attack vectors and advanced memory-based data leakage detection, and discussing ways in which machine learning methods have a positive impact on malware detection.

Providing detailed descriptions of the recent advances in data exfiltration detection methods and technologies, the authors also discuss details of data breach countermeasures and attack scenarios to show how the reader may identify a potential cyber attack in the real world.

Composed of eight chapters, this book presents a better understanding of the core issues related to cyber-attacks as well as the recent methods that have been developed in the field.

In Data Exfiltration Threats and Prevention Techniques, readers can expect to find detailed information on:

  • Sensitive data classification, covering text pre-processing, supervised text classification, automated text clustering, and other sensitive text detection approaches
  • Supervised machine learning technologies for intrusion detection systems, covering taxonomy and benchmarking of supervised machine learning techniques
  • Behavior-based malware detection using API-call sequences, covering API-call extraction techniques and detecting data stealing behavior based on API-call sequences
  • Memory-based sensitive data monitoring for real-time data exfiltration detection and advanced time delay data exfiltration attack and detection

Aimed at professionals and students alike, Data Exfiltration Threats and Prevention Techniques highlights a range of machine learning methods that can be used to detect potential data theft and identifies research gaps and the potential to make change in the future as technology continues to grow.

Author Biography

Nasrin Sohrabi is currently pursuing her PhD in Computer Science at RMIT. She received her Bachelor’s degree in Computer Software Engineering from Islamic Azad University, Iran.

Zahir Tari is Professor at RMIT and Research Director of the RMIT Centre of Cyber Security Research and Innovation.

Table of Contents

Acknowledgments

Acronyms

1 Introduction

1.1 Data Exfiltration Methods

1.2 Important Questions

1.3 Book Scope

1.4 Book Summary

1.5 Book Structure

2 Background

2.1 Hidden Markov Model

2.2 Memory Forensics

2.3 Bag-of-Words Model

2.4 Sparse Distributed Representation

2.5 Summary

3 Data Security Threats

3.1 Data Security

3.2 Security vs. Protection vs. Privacy

3.3 Advanced Persistent Threats Attacks

3.4 Cybersecurity Threats

3.5 Conclusion

4 Use Cases Data Leakage Attacks

4.1 Most Significant Attacks

4.2 Top Infection Vectors

4.3 Top Threats of Recent Years

4.4 Malware Development Trends

4.5 Geographic Trends

4.6 Industry Trends

4.7 Conclusion

5 Survey on Building Block Technologies

5.1 Motivation

5.2 Background

5.3 Taxonomy

5.4 Supervised Learning Methods

5.5 Systematic Literature Review

5.6 Evaluation of Supervised Learning Methods

5.7 Key Open Problems

5.8 Summary

6 Behavior-based Data Exfiltration Detection

6.1 Motivation

6.2 Existing Methods

6.3 Sub-Curve HMM Method

6.4 Evaluation

6.5 Experimental Results

6.6 Discussion

6.7 Summary

7 Memory-based Data Exfiltration Detection

7.1 Motivation

7.2 Existing Methods

7.3 Concepts

7.4 Fast lookup Bag-of-Words (FBoW)

7.5 Evaluation

7.6 Summary

8 Temporal-based Data Exfiltration Detection

8.1 Motivation

8.2 Existing Methods

8.3 Definitions

8.4 Temporary Memory Bag-of-Words (TMBoW)

8.5 Experimental Results

8.6 Summary

9 Conclusion

Supplemental Materials

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.
