SIDD: A Framework for Detecting Sensitive Data Exfiltration by an Insider Attack 42 nd Hawaii International Conference on System Sciences, 2009. Electrical.

Slides:

Advertisements

Similar presentations

DONG XU, MEMBER, IEEE, AND SHIH-FU CHANG, FELLOW, IEEE Video Event Recognition Using Kernel Methods with Multilevel Temporal Alignment.

Advertisements

A New Scheme For Robust Blind Digital Video Watermarking Supervised by Prof. LYU, Rung Tsong Michael Presented by Chan Pik Wah, Pat Mar 5, 2002 Department.

Identifying Image Spam Authorship with a Variable Bin-width Histogram-based Projective Clustering Song Gao, Chengcui Zhang, Wei Bang Chen Department of.

Steganography of Reversible Data Hiding Producer: Chia-Chen Lin Speaker: Paul 2013/06/26.

The image based surveillance system for personnel and vehicle tracking Chairman:Hung-Chi Yang Advisor: Yen-Ting Chen Presenter: Fong-Ren Sie Date:

A KLT-Based Approach for Occlusion Handling in Human Tracking Chenyuan Zhang, Jiu Xu, Axel Beaugendre and Satoshi Goto 2012 Picture Coding Symposium.

Using Auxiliary Sensors for Pair-Wise Key Establishment in WSN Source: Lecture Notes in Computer Science (2010) Authors: Qi Dong and Donggang Liu Presenter:

Authored by: Rachit Rastogi Computer Science & Engineering Deptt., College of Technology, G.B.P.U.A. & T., Pantnagar.

1 A Markov Process Based Approach to Effective Attacking JPEG Steganography By Y. Q. Shi, Chunhua Chen, Wen Chen NJIT Presented by Hanlin Hu and Xiao Zhang.

Digital Watermarking for Multimedia Security R. Chandramouli MSyNC:Multimedia Systems, Networking, and Communications Lab Stevens Institute of Technology.

Video Coding with Spatio-temporal Texture Synthesis and Edge-based inpainting Chunbo Zhu, Xiaoyan Sun, Feng Wu, and Houqiang Li ICME 2008.

Fifth International Conference on Information

Efficient Moving Object Segmentation Algorithm Using Background Registration Technique Shao-Yi Chien, Shyh-Yih Ma, and Liang-Gee Chen, Fellow, IEEE Hsin-Hua.

Improved TCAM-based Pre-Filtering for Network Intrusion Detection Systems Department of Computer Science and Information Engineering National Cheng Kung.

Efficient fault-tolerant scheme based on the RSA system Author: N.-Y. Lee and W.-L. Tsai IEE Proceedings Presented by 詹益誌 2004/03/02.

Internet Cache Pollution Attacks and Countermeasures Yan Gao, Leiwen Deng, Aleksandar Kuzmanovic, and Yan Chen Electrical Engineering and Computer Science.

Video Streaming: An FEC-Based Novel Approach Jianfei Cai, Chang Wen Chen Electrical and Computer Engineering, Canadian Conference on.

By Elo Leung and Wing Wong CS 265 Section 2 Spring 2004.

Multimedia Security Digital Video Watermarking Supervised by Prof. LYU, Rung Tsong Michael Presented by Chan Pik Wah, Pat Nov 20, 2002 Department of Computer.

A Lightweight Hop-by-Hop Authentication Protocol For Ad- Hoc Networks Speaker: Hsien-Pang Tsai Teacher: Kai-Wei Ke Date:2005/01/20.

A Review on: Spread Spectrum Watermarking Techniques

Performance Evaluation of Grouping Algorithms Vida Movahedi Elder Lab - Centre for Vision Research York University Spring 2009.

Intrusion and Anomaly Detection in Network Traffic Streams: Checking and Machine Learning Approaches ONR MURI area: High Confidence Real-Time Misuse and.

A fast identification method for P2P flow based on nodes connection degree LING XING, WEI-WEI ZHENG, JIAN-GUO MA, WEI- DONG MA Apperceiving Computing and.

A Statistical Anomaly Detection Technique based on Three Different Network Features Yuji Waizumi Tohoku Univ.

Secure Steganography in Audio using Inactive Frames of VoIP Streams

Design of the multi-level security network switch system which restricts covert channel Conference: Communication Software and Networks (ICCSN), 2011 IEEE.

Case Based Reasoning Approach to Intrusion Detection Date: 3/14/2005 Dr. Seong-Moo Yoo Information Assurance Engineering Lab Electrical and Computer Engineering.

Introduction to Multimedia Security Topics Covered in this Course Multimedia Security.

Multimedia Databases (MMDB)

GreenDelivery: Proactive Content Caching and Push with Energy- Harvesting-based Small Cells IEEE Communications Magazine, 2015 Sheng Zhou, Jie Gong, Zhenyu.

Digital Steganography

Introduction to Visible Watermarking IPR Course: TA Lecture 2002/12/18 NTU CSIE R105.

Project title : Automated Detection of Sign Language Patterns Faculty: Sudeep Sarkar, Barbara Loeding, Students: Sunita Nayak, Alan Yang Department of.

1 Security and Robustness Enhancement for Image Data Hiding Authors: Ning Liu, Palak Amin, and K. P. Subbalakshmi, Senior Member, IEEE IEEE TRANSACTIONS.

Steganalysis of audio: attacking the Steghide

TEL500-Voice Communications SIP-based VoIP Traffic Behavior Profiling and Its Application Devesh Mendiratta & Sameer Deshmukh MS-Telecommunication State.

1 Presented by Jari Korhonen Centre for Quantifiable Quality of Service in Communication Systems (Q2S) Norwegian University of Science and Technology (NTNU)

Protecting Satellite Networks from Disassociation DoS Attacks Protecting Satellite Networks from Disassociation DoS Attacks (2010 IEEE International Conference.

Digital Watermarking -Project Proposal (EE5359: Multimedia processing) Under the Guidance of Dr. K. R. Rao Submitted by: Ehsan Syed

Wireless communications and mobile computing conference, p.p , July 2011.

Multimedia & Mobile Communications Lab.

IP Routing Processing with Graphic Processors Author: Shuai Mu, Xinya Zhang, Nairen Zhang, Jiaxin Lu, Yangdong Steve Deng, Shu Zhang Publisher: IEEE Conference.

Stego Intrusion Detection System (SIDS) Michael Sieffert Assured Information Security, Inc.

Department of Computer Science and Engineering Applied Research Laboratory Architecture for a Hardware Based, TCP/IP Content Scanning System David V. Schuehler.

An Automated Signature-Based Approach against Polymorphic Internet Worms Yong Tang; Shigang Chen; IEEE Transactions on Parallel and Distributed Systems,

Dept. of Mobile Systems Engineering Junghoon Kim.

1 Watermarking Scheme Capable of Resisting Sensitivity Attack IEEE signal processing letters, vol. 14, no. 2, February. 2007, pp Xinpeng Zhang.

Towards Self-Healing Smart Grid via Intelligent Local Controller Switching under Jamming Hongbo Liu, Yingying Chen Department of ECE Stevens Institute.

Journal of Visual Communication and Image Representation

Presentation for CDA6938 Network Security, Spring 2006 Timing Analysis of Keystrokes and Timing Attacks on SSH Authors: Dawn Xiaodong Song, David Wagner,

SPIHT algorithm combined with Huffman encoding Wei Li, Zhen Peng Pang, Zhi Jie Liu, 2010 Third International Symposium on Intelligent Information Technology.

1 Detecting Hidden Messages using higher-order stats and SVMs Siwei Lyu and Hany Farid.

2009/6/221 BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure- Independent Botnet Detection Reporter : Fong-Ruei, Li Machine.

1 A Markov Process Based Approach to Effective Attacking JPEG Steganography By Y. Q. Shi, Chunhua Chen, Wen Chen NJIT Presented by Ashish Ratnakar and.

Similarity Measurement and Detection of Video Sequences Chu-Hong HOI Supervisor: Prof. Michael R. LYU Marker: Prof. Yiu Sang MOON 25 April, 2003 Dept.

Computer Science and Engineering Computer System Security CSE 5339/7339 Session 27 November 23, 2004.

WLD: A Robust Local Image Descriptor Jie Chen, Shiguang Shan, Chu He, Guoying Zhao, Matti Pietikäinen, Xilin Chen, Wen Gao 报告人：蒲薇榄.

1. ABSTRACT Information access through Internet provides intruders various ways of attacking a computer system. Establishment of a safe and strong network.

Implementation of Real Time Image Processing System with FPGA and DSP Presented by M V Ganeswara Rao Co- author Dr. P Rajesh Kumar Co- author Dr. A Mallikarjuna.

Under Guidance of Mr. A. S. Jalal Associate Professor Dept. of Computer Engineering and Applications GLA University, Mathura Presented by Dev Drume Agrawal.

Detecting Moving Objects, Ghosts, and Shadows in Video Streams

Are these Ads Safe: Detecting Hidden A4acks through Mobile App-Web Interfaces Vaibhav Rastogi, Rui Shao, Yan Chen, Xiang Pan, Shihong Zou, and Ryan Riley.

A new data transfer method via signal-rich-art code images captured by mobile devices Source: IEEE Transactions on Circuits and Systems for Video Technology,

Digital Watermarking for Image Authentication with Localization

New Framework for Reversible Data Hiding in Encrypted Domain

Unconstraint Optimal Selection of Side Information for Histogram Shifting Based Reversible Data Hiding Source: IEEE Access. March, doi: /ACCESS

A Robust Digital Watermarking Of Satellite Image at Third Level DWT Decomposition Source：International Conference on Computational Intelligence and Multimedia.

Using Association Rules as Texture features

Introduction to Multimedia Security Topics Covered in this Course

Presentation transcript:

SIDD: A Framework for Detecting Sensitive Data Exfiltration by an Insider Attack 42 nd Hawaii International Conference on System Sciences, Electrical & Computer Engineering University of California Author(s):Liu, Y., Corbett, C., Chiang, K., Archibald, R., Mukherjee, B., & Ghosal, D. 1

Outline Introduction Motivating and design space Structure of SIDD system Methodology and performance Conclusion References 2

Introduction In today's widely-connected network environments, a successful insider attack could result in serious damage to the interests of an enterprise In this paper propose a multilevel system, called SIDD (Sensitive Information Dissemination Detection), to detect the dissemination of sensitive information by an insider. 3

Motivating and design space For example, A malicious insider Z create backdoor networks to enable loss or damage of protected exfiltrate sensitive information using the enterprise’s network resources. 4

Motivating and design space Communication channel – Overt(HTTP, SSH) – Tunneled(P2P over HTTPS) – Covert(hide data into the header or payloads) Content type – Original – Modified(compressed, padded, encode) – Hidden(steganography) 5

Structure of SIDD system The captured network traffic is filtered into the application identification system to extract traffic features. 6

Structure of SIDD system Generate the signature for content traversing the network to be compared using the matching algorithm with the stored signatures in order to detect dissemination of sensitive content. 7

Structure of SIDD system Perform Steganalysis to determine the presence of hidden information in the target content. 8

Methodology and performance – Application identification Use the temporal patterns and sizes of packets, can instantiate a signature with a high degree of confidence. – social networking (MySpace and Facebook) – web-mail (Gmail and Hotmail) – streaming video applications (YouTube and Veoh) 9

Methodology and performance Content signature generation and detection – Create network traffic based content signatures. – Compare signatures to detect of sensitive content. – Use wavelets to reduce the size of the signatures. 10

Methodology and performance – Detecting covert communication measured by some standard audio quality metrics, distortion measures have been shown to be effective to test the presence of hidden messages. Measures audio content distortion using Hausdorff Distance. 11

Conclusion This paper developed a systematic approach to address the key problems of detecting sensitive data exfiltration. Particularly, a multilevel framework that composed of application detection, content signature generation and detection, and covert channel detection was proposed. 12

References D. P. Huttenlocher, D. Klanderman, and W.J. Rucklidge, Comparing images using the Hausdorff distance, IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 15, pp , H. Farid, Detecting hidden messages using higherorder statistical models, IEEE International Conference on Image Processing, vol. 2, pp , Y. Liu, K. Chiang, C. Corbett, R. Archibald, B. Mukherjee, and D. Ghosal, A novel audio Steganalysis based on high order statistics of a distortion measure with Hausdorff distance, 11th Information Security Conference(ISC) 2008, Lecture Notes in Computer Science, Vol. 5222, pp Y. Q. Shi, G. Xuan, C. Yang, J. Gao, Z. Zhang, P. Chai, D. Zou, C. Chen, and W. Chen, Effective Steganalysis Based on Statistical Moments of Wavelet Characteristic Function, IEEE International Conference on Information Technology, pp ,