Change search
ReferencesLink to record
Permanent link

Direct link
File Detection in Network Traffic Using Approximate Matching
Norwegian University of Science and Technology, Faculty of Information Technology, Mathematics and Electrical Engineering, Department of Telematics.
2013 (English)MasteroppgaveStudent thesis
Abstract [en]

Virtually every day data breach incidents are reported in the news. Scammers, fraudsters, hackers and malicious insiders are raking in millions with sensitive business and personal information. Not all incidents involve cunning and astute hackers. The involvement of insiders is ever increasing. Data information leakage is a critical issue for many companies, especially nowadays where every employee has an access to high speed internet. In the past, email was the only gateway to send out information but with the advent of technologies like SaaS (e.g. Dropbox) and other similar services, possible routes have become numerous and complicated to guard for an organisation. Data is valuable, for legitimate purposes or criminal purposes alike. An intuitive approach to check data leakage is to scan the network traffic for presence of any confidential information transmitted. The existing systems use slew of techniques like keyword matching, regular expression pattern matching, cryptographic algorithms or rolling hashes to prevent data leakage. These techniques are either trivial to evade or suffer with high false alarm rate. In this thesis, 'known file content' detection in network traffic using approximate matching is presented. It performs content analysis on-the-fly. The approach is protocol agnostic and filetype independent. Compared to existing techniques, proposed approach is straight forward and does not need comprehensive configuration. It is easy to deploy and maintain, as only file fingerprint is required, instead of verbose rules.

Place, publisher, year, edition, pages
Institutt for telematikk , 2013. , 104 p.
Identifiers
URN: urn:nbn:no:ntnu:diva-22696Local ID: ntnudaim:10026OAI: oai:DiVA.org:ntnu-22696DiVA: diva2:651455
Supervisors
Available from: 2013-09-25 Created: 2013-09-25 Last updated: 2013-09-25Bibliographically approved

Open Access in DiVA

fulltext(1199 kB)961 downloads
File information
File name FULLTEXT01.pdfFile size 1199 kBChecksum SHA-512
9e935671f0d7b9de0be4ca1d00215412f594dc2cdd92253c4fa04783a49a498db52ecb1064d79ba1d8e2a2775218a28b6a0bc64b1eb271c1415a0c5c60d2b5f8
Type fulltextMimetype application/pdf
cover(184 kB)3 downloads
File information
File name COVER01.pdfFile size 184 kBChecksum SHA-512
77c9d097f29fc45c81a5df2c1768263de7bcc054b6d0c2f0ef5493ef20340373dcaee34b5b44cb2275151ddeaf3ddcb00ec01c2b8cd4ae86c7e7b54b0eb6665c
Type coverMimetype application/pdf
attachment(13045 kB)12 downloads
File information
File name ATTACHMENT01.zipFile size 13045 kBChecksum SHA-512
6a44ffafe9687793e88bdf9e93a38ab80ade65f804c4e1026c8a59305222153e92b284b24b02d87eddaf4a64224a0c6dec071d466bb5178b442ab17a74eb66e0
Type attachmentMimetype application/zip

By organisation
Department of Telematics

Search outside of DiVA

GoogleGoogle Scholar
Total: 961 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 224 hits
ReferencesLink to record
Permanent link

Direct link