DLP-Visor: A Hypervisor-based Data Leakage Prevention System

Guy Amit; Amir Yeshooroon; Michael Kiperberg; Nezer Zaidenberg

doi:10.5220/0010221104160423

DLP-Visor: A Hypervisor-based Data Leakage Prevention System

Guy Amit, Amir Yeshooroon, Michael Kiperberg, Nezer Zaidenberg

2021

Abstract

Data theft by insiders is considered by many organisations to be one of the most serious threats. Data leakage prevention (DLP) systems attempt to prevent intentional or accidental disclosure of sensitive information by monitoring the content or the context in which the information is transferred, for example, in a file system, an email server, instant messengers. We present a context-sensitive DLP system, called DLP-Visor, which is implemented as a thin hypervisor capable of intercepting system calls in Windows operating systems equipped with Kernel Patch Protection. By intercepting system calls that govern the file system, inter-process communications, networking, system register and system clipboard, DLP-Visor guarantees that sensitive information can never leave a predefined set of directories. The performance overhead of DLP-Visor (7.2%) allows its deployment in real-world applications.

Download

Paper Citation

in Harvard Style

Amit G., Yeshooroon A., Kiperberg M. and Zaidenberg N. (2021). DLP-Visor: A Hypervisor-based Data Leakage Prevention System.In Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-491-6, pages 416-423. DOI: 10.5220/0010221104160423

in Bibtex Style

@conference{icissp21,
author={Guy Amit and Amir Yeshooroon and Michael Kiperberg and Nezer Zaidenberg},
title={DLP-Visor: A Hypervisor-based Data Leakage Prevention System},
booktitle={Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2021},
pages={416-423},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010221104160423},
isbn={978-989-758-491-6},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - DLP-Visor: A Hypervisor-based Data Leakage Prevention System
SN - 978-989-758-491-6
AU - Amit G.
AU - Yeshooroon A.
AU - Kiperberg M.
AU - Zaidenberg N.
PY - 2021
SP - 416
EP - 423
DO - 10.5220/0010221104160423