Change search
ReferencesLink to record
Permanent link

Direct link
File Detection in Network Traffic Using Approximate Matching
Norwegian University of Science and Technology, Faculty of Information Technology, Mathematics and Electrical Engineering, Department of Telematics.
2013 (English)MasteroppgaveStudent thesis
Abstract [en]

Virtually every day data breach incidents are reported in the news. Scammers, fraudsters, hackers and malicious insiders are raking in millions with sensitive business and personal information. Not all incidents involve cunning and astute hackers. The involvement of insiders is ever increasing. Data information leakage is a critical issue for many companies, especially nowadays where every employee has an access to high speed internet. In the past, email was the only gateway to send out information but with the advent of technologies like SaaS (e.g. Dropbox) and other similar services, possible routes have become numerous and complicated to guard for an organisation. Data is valuable, for legitimate purposes or criminal purposes alike. An intuitive approach to check data leakage is to scan the network traffic for presence of any confidential information transmitted. The existing systems use slew of techniques like keyword matching, regular expression pattern matching, cryptographic algorithms or rolling hashes to prevent data leakage. These techniques are either trivial to evade or suffer with high false alarm rate. In this thesis, 'known file content' detection in network traffic using approximate matching is presented. It performs content analysis on-the-fly. The approach is protocol agnostic and filetype independent. Compared to existing techniques, proposed approach is straight forward and does not need comprehensive configuration. It is easy to deploy and maintain, as only file fingerprint is required, instead of verbose rules.

Place, publisher, year, edition, pages
Institutt for telematikk , 2013. , 104 p.
URN: urn:nbn:no:ntnu:diva-22696Local ID: ntnudaim:10026OAI: diva2:651455
Available from: 2013-09-25 Created: 2013-09-25 Last updated: 2013-09-25Bibliographically approved

Open Access in DiVA

fulltext(1199 kB)982 downloads
File information
File name FULLTEXT01.pdfFile size 1199 kBChecksum SHA-512
Type fulltextMimetype application/pdf
cover(184 kB)3 downloads
File information
File name COVER01.pdfFile size 184 kBChecksum SHA-512
Type coverMimetype application/pdf
attachment(13045 kB)12 downloads
File information
File name ATTACHMENT01.zipFile size 13045 kBChecksum SHA-512
Type attachmentMimetype application/zip

By organisation
Department of Telematics

Search outside of DiVA

GoogleGoogle Scholar
Total: 982 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 876 hits
ReferencesLink to record
Permanent link

Direct link