Improving DLP system security
2014 (English)Student thesisAlternative title
Förbättring av säkerheten av DLP system (Swedish)
Context. Data leakage prevention (DLP), a system designed to prevent leakage and loss of secret sensitive data and at the same time not affect employees workflow. The aim is to have a system covering every possible leakage point that exist. Even if these are covered, there are ways of hiding information such as obfuscating a zip archive within an image file, detecting this hidden information and preventing it from leaking is a difficult task. Companies pay a great deal for these solutions and yet, as we uncover, the information is not safe. Objectives. In this thesis we evaluate four different existing types of DLP systems out on the market today, disclosing their weaknesses and found ways of improving their security. Methods. The four DLP systems tested in this study cover agentless, agent based, hybrids and regular expression DLP tools. The test cases simulate potential leakage points via every day used file transfer applications and media such as USB, Skype, email, etc. Results. We present a hypothetical solution in order to amend these weaknesses and to improve the efficiency of DLP systems today. In addition to these evaluations and experiments, a complementing proof of concept solution has been developed that can be integrated with other DLP solutions. Conclusions. We conclude that the exisiting DLP systems are still in need of improvement, none of the tested DLP solutions fully covered the possible leakage points that could exist in the corporate world. There is a need for continued evaluation of DLP systems, aspects and leakage points not covered in this thesis as well as a follow up on our suggested solution.
Place, publisher, year, edition, pages
2014. , 53 p.
Data leakage prevention (DLP), API hooking, agent based, agentless.
Computer Science Software Engineering
IdentifiersURN: urn:nbn:se:bth-5453Local ID: oai:bth.se:arkivex5A3758DF67606578C1257D02005E58ADOAI: oai:DiVA.org:bth-5453DiVA: diva2:832833
DVACD Master of Science in Computer Security