Change search
ReferencesLink to record
Permanent link

Direct link
Improving DLP system security
Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science and Engineering.
2014 (English)Student thesisAlternative title
Förbättring av säkerheten av DLP system (Swedish)
Abstract [en]

Context. Data leakage prevention (DLP), a system designed to prevent leakage and loss of secret sensitive data and at the same time not affect employees workflow. The aim is to have a system covering every possible leakage point that exist. Even if these are covered, there are ways of hiding information such as obfuscating a zip archive within an image file, detecting this hidden information and preventing it from leaking is a difficult task. Companies pay a great deal for these solutions and yet, as we uncover, the information is not safe. Objectives. In this thesis we evaluate four different existing types of DLP systems out on the market today, disclosing their weaknesses and found ways of improving their security. Methods. The four DLP systems tested in this study cover agentless, agent based, hybrids and regular expression DLP tools. The test cases simulate potential leakage points via every day used file transfer applications and media such as USB, Skype, email, etc. Results. We present a hypothetical solution in order to amend these weaknesses and to improve the efficiency of DLP systems today. In addition to these evaluations and experiments, a complementing proof of concept solution has been developed that can be integrated with other DLP solutions. Conclusions. We conclude that the exisiting DLP systems are still in need of improvement, none of the tested DLP solutions fully covered the possible leakage points that could exist in the corporate world. There is a need for continued evaluation of DLP systems, aspects and leakage points not covered in this thesis as well as a follow up on our suggested solution.

Place, publisher, year, edition, pages
2014. , 53 p.
Keyword [en]
Data leakage prevention (DLP), API hooking, agent based, agentless.
National Category
Computer Science Software Engineering
URN: urn:nbn:se:bth-5453Local ID: diva2:832833
Educational program
DVACD Master of Science in Computer Security
Available from: 2015-04-22 Created: 2014-06-25 Last updated: 2016-02-22Bibliographically approved

Open Access in DiVA

fulltext(710 kB)267 downloads
File information
File name FULLTEXT01.pdfFile size 710 kBChecksum SHA-512
Type fulltextMimetype application/pdf

By organisation
Department of Computer Science and Engineering
Computer ScienceSoftware Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 267 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 510 hits
ReferencesLink to record
Permanent link

Direct link