Comparison and Analysis of Anomaly Detection Methods for Detecting Data Exfiltration
Author(s) - Wongi Lim, Koohyung Kwon, JungJae Kim, Jong-Eon Lee, Si-Ho Cha
Publication year - 2016
Publication title - Journal of the Korea Academia-Industrial Cooperation Society
Language(s) - English
Resource type - Journals
eISSN - 2288-4688
pISSN - 1975-4701
DOI - 10.5762/kais.2016.17.9.440
Subject(s) - anomaly detection, intrusion detection system, computer science, data mining, anomaly based intrusion detection system, anomaly (physics), network security, computer security, condensed matter physics, physics
Military secrets and the confidential data of any organization are extremely important assets, and they must be kept from disclosure to the outside. To this end, methods for detecting anomalous attacks and intrusions inside the network have been proposed. However, most anomaly-detection methods cover only intrusion from outside and do not deal with internal leakage of data, which inflicts greater damage than intrusions and attacks from outside. In addition, applying conventional anomaly-detection methods to data exfiltration creates many problems, because the methods do not consider a number of variables or the internal network environment. In this paper, we describe the issues to be considered in data exfiltration detection for anomaly detection (DEDfAD) in order to improve the accuracy of the methods, classify the methods as profile-based detection or machine learning-based detection, and analyze their advantages and disadvantages. We also suggest future research challenges through a comparative analysis of the issues against the classification of the detection methods.