Reversing the asymmetry in data exfiltration
David Skillicorn, Xiao Li, Karen Chen

TL;DR
This paper proposes a novel defense mechanism against data exfiltration by supplementing real documents with many fake versions, making it harder for attackers to identify and exfiltrate sensitive data.
Contribution
It introduces a cost-effective method of creating algorithmically generated fake documents to reverse the typical asymmetry in data exfiltration scenarios.
Findings
Fake documents are difficult for attackers to distinguish from real ones.
The approach shifts the advantage from attacker to defender.
Creating fakes is computationally inexpensive.
Abstract
Preventing data exfiltration from computer systems typically depends on perimeter defences, but these are becoming increasingly fragile. Instead we suggest an approach in which each at-risk document is supplemented by many fake versions of itself. An attacker must either exfiltrate all of them, or try to discover which is the real one while operating within the penetrated system, and both are difficult. Creating and maintaining many fakes is relatively inexpensive, so the advantage that typically accrues to an attacker now lies with the defender. We show that algorithmically generated fake documents are reasonably difficult to detect using algorithmic analytics.
Taxonomy
Topics: Cryptography and Data Security · Network Security and Intrusion Detection · Internet Traffic Analysis and Secure E-voting
