ABSTRACT
Data exfiltration is a serious cybercrime facing many organizations worldwide. Over the past few years, notable organizations such as Google, Yahoo, the Pentagon, an Iranian nuclear facility, United States military contractors and banks have fallen victim to data exfiltration. The current techniques for averting these threats revolve around firewalls, intrusion detection systems, intrusion prevention systems, anti-virus and
anti-malware. However, despite heavy deployment of these devices, attackers continue to wreak havoc on organizations and individuals, stealing their sensitive data. The aim of this paper was therefore to explore how the
current techniques for data loss prevention fail. The results of this analysis revealed that these techniques rely on whitelists, blacklists, signature-based scanning or behavioral analysis of programs, none of which is sufficient to
counter attacks based on zero-day vulnerabilities. Based on these shortcomings, a novel data exfiltration prevention algorithm is proposed towards the end of this paper. The algorithm employs real-time traffic entropy coupled with heuristically computed functional correlations to detect data exfiltration. The premises of this algorithm and its operation are discussed in the final section of this paper.
Keywords: Algorithm, anti-virus, anti-malware, data exfiltration, IDS, IPS
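As an added illustration of the traffic-entropy component the abstract refers to (this is example code written for this page, not the paper's algorithm, whose details are not given in the abstract), the following Python computes the Shannon entropy of an outbound payload in consecutive windows and flags a flow whose windows consistently look encrypted or compressed. The sample payloads, the 7.2 bits/byte threshold, the 1024-byte window and the two-window minimum are constructed assumptions chosen for the demonstration.

```python
import hashlib
import math
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte (0.0 for empty input, 8.0 maximum)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def windowed_entropy(stream: bytes, window: int = 1024) -> list:
    """Entropy of each consecutive window, so a flow can be scored as bytes arrive
    rather than only once the whole transfer has completed."""
    return [shannon_entropy(stream[i:i + window]) for i in range(0, len(stream), window)]


def flag_flow(payload: bytes, threshold: float = 7.2, window: int = 1024, min_windows: int = 2):
    """Return (flagged, per-window scores).

    A flow is flagged when at least `min_windows` windows reach `threshold`
    bits/byte; requiring more than one window avoids alerting on a single
    small binary object (an image, a favicon) inside otherwise plain traffic.
    Threshold and window size are assumptions for this example, not tuned values.
    """
    scores = windowed_entropy(payload, window)
    hits = sum(1 for s in scores if s >= threshold)
    return hits >= min_windows, scores


# Constructed sample 1: an ordinary plaintext HTTP POST repeated to fill several windows.
PLAINTEXT = (
    b"POST /api/report HTTP/1.1\r\nHost: intranet.example\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n\r\n"
    b"status=ok&message=Weekly+summary+of+inventory+levels+attached+below.+"
) * 40


def pseudo_random_bytes(seed: bytes, length: int) -> bytes:
    """Deterministic high-entropy bytes (a SHA-256 chain) standing in for an
    encrypted or compressed archive being exfiltrated. Constructed sample data."""
    out, block = b"", seed
    while len(out) < length:
        block = hashlib.sha256(block).digest()
        out += block
    return out[:length]


# Constructed sample 2: 4 KiB of encrypted-looking payload.
EXFIL_BLOB = pseudo_random_bytes(b"example-seed", 4096)


def demo() -> dict:
    """Score both constructed flows and report which ones were flagged."""
    results = {}
    for name, payload in (("plaintext", PLAINTEXT), ("exfil_blob", EXFIL_BLOB)):
        flagged, scores = flag_flow(payload)
        results[name] = flagged
        print(f"{name}: flagged={flagged} windows={[round(s, 2) for s in scores]}")
    return results


if __name__ == "__main__":
    demo()
```

Two caveats a practitioner should keep in mind when using entropy this way. Legitimate TLS, VPN and compressed-download traffic is also high-entropy, so entropy alone produces false positives and must be baselined per destination or combined with other signals (the abstract's "functional correlations" play that role in the proposed algorithm). Conversely, an attacker can lower the measured entropy below any fixed threshold by base64-encoding the stolen data (about 6 bits/byte) or interleaving it with padding, so the threshold should be treated as one feature among several rather than a decision boundary.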