Implementing Data Exfiltration Defense in Situ: A Survey of Countermeasures and Human Involvement-Reference-Cited by-同舟云学术

Implementing Data Exfiltration Defense in Situ: A Survey of Countermeasures and Human Involvement

Published:2023-07-17 Issue:14s Volume:55 Page:1-37
ISSN:0360-0300
Container-title:ACM Computing Surveys
language:en
Short-container-title:ACM Comput. Surv.

Author:

Chung Mu-Huan¹^ORCID,Yang Yuhong¹^ORCID,Wang Lu¹^ORCID,Cento Greg²^ORCID,Jerath Khilan²^ORCID,Raman Abhay²^ORCID,Lie David¹^ORCID,Chignell Mark H.¹^ORCID

Affiliation:

1. University of Toronto, Canada

2. Sun Life Financial, Canada

Abstract

In this article we consider the problem of defending against increasing data exfiltration threats in the domain of cybersecurity. We review existing work on exfiltration threats and corresponding countermeasures. We consider current problems and challenges that need to be addressed to provide a qualitatively better level of protection against data exfiltration. After considering the magnitude of the data exfiltration threat, we outline the objectives of this article and the scope of the review. We then provide an extensive discussion of present methods of defending against data exfiltration. We note that current methodologies for defending against data exfiltration do not connect well with domain experts, both as sources of knowledge and as partners in decision-making. However, human interventions continue to be required in cybersecurity. Thus, cybersecurity applications are necessarily socio-technical systems that cannot be safely and efficiently operated without considering relevant human factor issues. We conclude with a call for approaches that can more effectively integrate human expertise into defense against data exfiltration.

Funder

Mitacs

Publisher

Association for Computing Machinery (ACM)

Subject

General Computer Science,Theoretical Computer Science

Link

https://dl.acm.org/doi/pdf/10.1145/3582077

Reference232 articles.

1. Network and Distributed Systems Security Symposium (NDSS’19) 2019 Nodoze: Combatting threat alert fatigue with automated provenance triage

2. Social Engineering Threat and Defense: A Literature Survey

3. Machine learning based model to identify firewall decisions to improve cyber-defense;Al-Haija Qasem Abu;International Journal on Advanced Science Engineering and Information Technology,2021

4. M. Afshar S. Samet and H. Usefi. 2021. Incorporating behavior in attribute based access control model using machine learning. In 2021 IEEE International Systems Conference (SysCon) . IEEE 1–8.

5. Efficient string matching;Aho Alfred V.;Commun. ACM,1975

Cited by 8 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Automation Bias and Complacency in Security Operation Centers;Computers;2024-07-03

2. Humans and Automation: Augmenting Security Operation Centers;Journal of Cybersecurity and Privacy;2024-07-01

3. Browser‐in‐the‐middle attacks: A comprehensive analysis and countermeasures;SECURITY AND PRIVACY;2024-05-28

4. A comprehensive survey on cyber deception techniques to improve honeypot performance;Computers & Security;2024-05

5. Analysis of statistical properties of variables in log data for advanced anomaly detection in cyber security;Computers & Security;2024-02