Computer Engineering and Applications, Issue (2): 96-104, 9. DOI: 10.3778/j.issn.1002-8331.1401-0185
Research on improved network data-leakage detection scheme
Abstract
Preventing the flow of confidential data out of a network is a fundamental problem faced by network operators. This problem becomes even more complex in the context of cloud computing. The existing data-leakage prevention solutions are based on a generic search for keywords in outgoing data, and hence severely lack the ability to control data flow at a fine granularity with low false positives. To solve this problem, this paper designs a data-leakage prevention architecture based on white-listing, which uses a white-list to provide strong security for data transmission. On this basis, a data-leakage detection algorithm that combines document fingerprinting with Bloom filters is proposed. The optimal locations for checking are computed by using dynamic programming to minimize the memory overhead and enable high-speed implementation. The simulation results show that the algorithm for checking the fingerprints on the fly scales to a large number of documents at very low cost. For example, for one TB of documents, the solution requires only 340 MB of memory to achieve a worst-case expected detection lag (i.e., leakage length) of 1000 bytes.
Key words
data-leakage/cloud computing/white-listing/false probability/fingerprint checks/Bloom filters
Classification
Information technology and security science
Cite this article
Zhao Genlin (赵根林), Li Hua (李华). Research on improved network data-leakage detection scheme [J]. Computer Engineering and Applications, 2016, (2): 96-104, 9.
Funding
National Natural Science Foundation of China (No. 61300217/F020702).