Pratyusa K. Manadhata

Enterprise Data Exfiltration Detection and Prevention 

Organizations worldwide are subject to harmful cyberattacks every single day. While the end goals of such attacks may be diverse, data exfiltration, i.e., the unauthorized transfer of sensitive data from an organization to an attacker, is often the primary intent of an attack. In this talk, we examine the arms race between attackers and defenders and discuss the co-evolution of exfiltration techniques and the exfiltration detection and prevention approaches proposed by the security industry and academia. Increasingly, targeted advanced attacks use covert and sophisticated exfiltration techniques that exploit fundamental communication protocols such as DNS and HTTP. Though many detection approaches have been proposed, these approaches are noisy, i.e., they often raise false alarms and fail to detect genuine attacks. We briefly discuss a decision-theoretic technique to build a reliable and scalable detector on top of the noisy detectors and highlight our preliminary results.

Speaker Bio:

Dr. Pratyusa K. Manadhata is a Principal Researcher at Hewlett-Packard Laboratories, Princeton, NJ. He has conducted research on large-scale machine learning techniques for security and has built systems for data leakage prevention, event log analysis, intrusion detection, and malware detection using these techniques. He received his B.Tech. degree in Computer Science and Engineering from the Indian Institute of Technology Kanpur, India, and his Ph.D. degree in Computer Science from Carnegie Mellon University.