Implementing Data Exfiltration Defense in Situ: A Survey of Countermeasures and Human Involvement

by Mu-Huan Chung, Yuhong Yang, Lu Wang, Greg Cento, Khilan Jerath, Abhay Raman, David Lie and Mark H. Chignell
Abstract:
In this paper we consider the problem of defending against increasing data exfiltration threats in the domain of cybersecurity. We review existing work on exfiltration threats and corresponding countermeasures. We consider current problems and challenges that need to be addressed to provide a qualitatively better level of protection against data exfiltration. After considering the magnitude of the data exfiltration threat, we outline the objectives of this paper and the scope of the review. We then provide an extensive discussion of present methods of defending against data exfiltration. We note that current methodologies for defending against data exfiltration do not connect well with domain experts, both as sources of knowledge and as partners in decision-making. However, human interventions continue to be required in cybersecurity. Thus, cybersecurity applications are necessarily socio-technical systems which cannot be safely and efficiently operated without considering relevant human factors issues. We conclude with a call for approaches that can more effectively integrate human expertise into defense against data exfiltration.
Reference:
Mu-Huan Chung, Yuhong Yang, Lu Wang, Greg Cento, Khilan Jerath, Abhay Raman, David Lie and Mark H. Chignell, “Implementing Data Exfiltration Defense in Situ: A Survey of Countermeasures and Human Involvement”, In ACM Computing Surveys, Association for Computing Machinery, New York, NY, USA, 2023. (Author’s personal copy available here.)
Bibtex Entry:
@article{mchung_chignell:csur:2023,
  author = {Chung, Mu-Huan and Yang, Yuhong and Wang, Lu and Cento, Greg and Jerath, Khilan and Raman, Abhay and Lie, David and Chignell, Mark H.},
  title = {Implementing Data Exfiltration Defense in Situ: A Survey of Countermeasures and Human Involvement},
  year = {2023},
  publisher = {Association for Computing Machinery},
  address = {New York, NY, USA},
  issn = {0360-0300},
  doi = {10.1145/3582077},
  abstract = {In this paper we consider the problem of defending against increasing data exfiltration threats in the domain of cybersecurity. We review existing work on exfiltration threats and corresponding countermeasures. We consider current problems and challenges that need to be addressed to provide a qualitatively better level of protection against data exfiltration. After considering the magnitude of the data exfiltration threat, we outline the objectives of this paper and the scope of the review. We then provide an extensive discussion of present methods of defending against data exfiltration. We note that current methodologies for defending against data exfiltration do not connect well with domain experts, both as sources of knowledge and as partners in decision-making. However, human interventions continue to be required in cybersecurity. Thus, cybersecurity applications are necessarily socio-technical systems which cannot be safely and efficiently operated without considering relevant human factors issues. We conclude with a call for approaches that can more effectively integrate human expertise into defense against data exfiltration.},
  journal = {ACM Computing Surveys},
  month = jan,
  url = "https://dl.acm.org/doi/pdf/10.1145/3582077",
  comment = {Author's personal copy available <a href="https://security.csl.toronto.edu/wp-content/uploads/2023/03/Chung-Chignell-CSUR2023-preprint.pdf">here</a>.},
}