Empirical Evaluation of Information Leakage Detection Using Net-flow Analysis
Jing Xu¹,², Fei Xu¹, Xiao-Jun Chen¹, Jin-Qiao Shi¹, Cheng Qi¹
(1. Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China; 2. Dept. of Computer Science, Beijing University of Technology, Beijing 100124, China)
Abstract:
Because Trojans are widespread, organizations and Internet users have become more vulnerable to the threat of information leakage. This paper describes an information leakage detection system (ILDS) that detects sensitive information leakage caused by Trojans. The system is based on the analysis of net-flows from four perspectives: heartbeat behavior analysis, DNS abnormal analysis, upload-download ratio and content analysis. Heartbeat behavior analysis and DNS abnormal analysis are used to detect the existence of Trojans, while upload-download ratio and content analysis can quickly detect when information leakage happens. Experiments indicate that the system is reliable and efficient in detecting information leakage. The system can also help to collect and preserve digital evidence when an information leakage incident occurs.
Key words: information leakage; heartbeat behavior; Trojan detection; digital forensics
DOI:10.11916/j.issn.1005-9113.2014.06.004
Clc Number:TP391.7
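The following sketch is an added illustration, not code from the paper or from ILDS. It shows how two of the four perspectives named in the abstract (heartbeat behavior and upload-download ratio) can be computed over flow records. The record layout, the thresholds and the use of the coefficient of variation of inter-flow gaps as the regularity measure are all assumptions made for this example.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample flows: (start_time_s, src, dst, bytes_up, bytes_down).
# Addresses are from documentation ranges; none of this is data from the paper.
FLOWS = (
    # Regular ~60 s check-ins, ending with one large upload.
    [(t, "10.0.0.5", "203.0.113.10", 120, 90) for t in (0, 60, 120, 181, 240)]
    + [(300, "10.0.0.5", "203.0.113.10", 5_000_000, 400)]
    # Irregular, download-heavy traffic such as ordinary browsing.
    + [(t, "10.0.0.7", "198.51.100.20", 800, 40_000)
       for t in (3, 10, 95, 130, 400, 410)]
)


def analyze(flows, max_cv=0.1, min_flows=5, max_ratio=3.0):
    """Flag (src, dst) pairs with heartbeat-like timing or upload-heavy volume.

    max_cv, min_flows and max_ratio are assumed thresholds for illustration.
    """
    groups = defaultdict(list)
    for ts, src, dst, up, down in flows:
        groups[(src, dst)].append((ts, up, down))

    report = {}
    for pair, recs in groups.items():
        recs.sort()
        # Gaps between consecutive flow start times for this pair.
        gaps = [b[0] - a[0] for a, b in zip(recs, recs[1:])]
        heartbeat = False
        if len(recs) >= min_flows and mean(gaps) > 0:
            # Low relative spread of the gaps means near-periodic contact.
            heartbeat = pstdev(gaps) / mean(gaps) <= max_cv
        up = sum(r[1] for r in recs)
        down = sum(r[2] for r in recs)
        ratio = up / max(down, 1)  # avoid division by zero on upload-only pairs
        report[pair] = {
            "heartbeat": heartbeat,
            "ratio": round(ratio, 2),
            "upload_heavy": ratio >= max_ratio,
        }
    return report


if __name__ == "__main__":
    for pair, result in analyze(FLOWS).items():
        print(pair, result)
```

A pair that is flagged on both measures is the case the abstract describes: periodic contact suggesting a resident Trojan, followed by an upload volume suggesting the leak itself.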