Mining Windows Registry for Data Exfiltration Detection

Yi Hu; Rubaiyat Hossain; Papa Seye; Sri Vasireddy

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Mining Windows Registry for Data Exfiltration Detection

In Proceedings of the 9th International Workshop on Security in Information Systems - Volume 0ICEIS, 101-108, 2012 , Wrocław, Poland

Authors: Yi Hu ; Rubaiyat Hossain ; Papa Seye and Sri Vasireddy

Affiliation: Northern Kentucky University, United States

Keyword(s): Intrusion Detection, Data Mining, Data Exfiltration, Insider Attack

Abstract: This paper illustrates a novel approach for identifying data exfiltration activities by mining Microsoft Windows Registry. It often takes outsider attackers a significant amount of efforts to identify the vulnerabilities in the system or applications and launch the exploit payloads to compromise a system. However insider attackers with legitimate access control privileges can easily steal data and sell data to a third party. Many companies spend lots of money defending network perimeters and applications from outsider attacks but only pay little attention to the insider threat. Although there are existing research efforts ad-dressing various aspects of insider attacks, little research focuses on data exfil-tration detection. The proposed model in this paper employs a data mining method to profile USB device usage patterns and uses various statistical methods to identify anomalous USB device usages. The effectiveness of the model was tested with USB access history extracted from the W indows Registry. (More)

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 3.144.29.213

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Hu, Y.; Hossain, R.; Seye, P. and Vasireddy, S. (2012). Mining Windows Registry for Data Exfiltration Detection. In Proceedings of the 9th International Workshop on Security in Information Systems (ICEIS 2012) - WOSIS; ISBN 978-989-8565-15-0, SciTePress, pages 101-108. DOI: 10.5220/0004100101010108

@conference{wosis12,
author={Yi Hu. and Rubaiyat Hossain. and Papa Seye. and Sri Vasireddy.},
title={Mining Windows Registry for Data Exfiltration Detection},
booktitle={Proceedings of the 9th International Workshop on Security in Information Systems (ICEIS 2012) - WOSIS},
year={2012},
pages={101-108},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004100101010108},
isbn={978-989-8565-15-0},
}

TY - CONF

JO - Proceedings of the 9th International Workshop on Security in Information Systems (ICEIS 2012) - WOSIS
TI - Mining Windows Registry for Data Exfiltration Detection
SN - 978-989-8565-15-0
AU - Hu, Y.
AU - Hossain, R.
AU - Seye, P.
AU - Vasireddy, S.
PY - 2012
SP - 101
EP - 108
DO - 10.5220/0004100101010108
PB - SciTePress