Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Improving DLP system security
Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
2014 (English)Student thesisAlternative title
Förbättring av säkerheten av DLP system (Swedish)
Abstract [en]

Context. Data leakage prevention (DLP), a system designed to prevent leakage and loss of secret sensitive data and at the same time not affect employees workflow. The aim is to have a system covering every possible leakage point that exist. Even if these are covered, there are ways of hiding information such as obfuscating a zip archive within an image file, detecting this hidden information and preventing it from leaking is a difficult task. Companies pay a great deal for these solutions and yet, as we uncover, the information is not safe. Objectives. In this thesis we evaluate four different existing types of DLP systems out on the market today, disclosing their weaknesses and found ways of improving their security. Methods. The four DLP systems tested in this study cover agentless, agent based, hybrids and regular expression DLP tools. The test cases simulate potential leakage points via every day used file transfer applications and media such as USB, Skype, email, etc. Results. We present a hypothetical solution in order to amend these weaknesses and to improve the efficiency of DLP systems today. In addition to these evaluations and experiments, a complementing proof of concept solution has been developed that can be integrated with other DLP solutions. Conclusions. We conclude that the exisiting DLP systems are still in need of improvement, none of the tested DLP solutions fully covered the possible leakage points that could exist in the corporate world. There is a need for continued evaluation of DLP systems, aspects and leakage points not covered in this thesis as well as a follow up on our suggested solution.

Place, publisher, year, edition, pages
2014. , p. 53
Keywords [en]
Data leakage prevention (DLP), API hooking, agent based, agentless.
National Category
Computer Sciences Software Engineering
Identifiers
URN: urn:nbn:se:bth-5453Local ID: oai:bth.se:arkivex5A3758DF67606578C1257D02005E58ADOAI: oai:DiVA.org:bth-5453DiVA, id: diva2:832833
Educational program
DVACD Master of Science in Computer Security
Uppsok
Technology
Supervisors
Available from: 2015-04-22 Created: 2014-06-25 Last updated: 2018-01-11Bibliographically approved

Open Access in DiVA

fulltext(710 kB)2882 downloads
File information
File name FULLTEXT01.pdfFile size 710 kBChecksum SHA-512
f9cfb8c92c58be0798dd4a6a66e2b6da13a6ea22bb88135d54a7d7e63fae13318488e46ae7f749ac6226de500636b24625d286d5d6157320e5af533514f2bb45
Type fulltextMimetype application/pdf

By organisation
Department of Computer Science and Engineering
Computer SciencesSoftware Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 2886 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 1192 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf