Other formats:
BibTeX
LaTeX
RIS
@inproceedings{2309498,
  author = {Daubner, Lukáš and Považanec, Adam},
  address = {United States},
  booktitle = {ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security},
  doi = {http://dx.doi.org/10.1145/3600160.3605036},
  keywords = {Data Loss Prevention; Auditing; Kernel Hooking; DLP; Data Leakage},
  howpublished = {elektronická verze "online"},
  language = {eng},
  location = {United States},
  isbn = {979-8-4007-0772-8},
  pages = {1-10},
  publisher = {Association for Computing Machinery},
  title = {Data Loss Prevention Solution for Linux Endpoint Devices},
  url = {https://doi.org/10.1145/3600160.3605036},
  year = {2023}
}
TY  - JOUR
ID  - 2309498
AU  - Daubner, Lukáš
AU  - Považanec, Adam
PY  - 2023
TI  - Data Loss Prevention Solution for Linux Endpoint Devices
PB  - Association for Computing Machinery
CY  - United States
SN  - 9798400707728
KW  - Data Loss Prevention
KW  - Auditing
KW  - Kernel Hooking
KW  - DLP
KW  - Data Leakage
UR  - https://doi.org/10.1145/3600160.3605036
N2  - Endpoint data loss prevention (DLP) software monitors and protects data on the endpoint against accidental and malicious leakage. While the risk of such leakage is widely present in current systems, it is more so within the intelligent infrastructures due to potential impact, heterogeneity, and complexity. However, there is a significant gap in open solutions for wide Linux-based endpoints. Therefore, this paper discusses possible approaches towards Linux endpoint DLP solution, which would be widely available on Linux distributions, not relying on fragile assumptions and not undermining security controls. Namely, the focus is on audit and control of file system operations and external USB devices. The viable approaches are discussed, and a prototype solution is implemented using the ftrace framework for file system operations and combining the udev subsystem and the sysfs virtual file system for external USB devices. While the solution is demonstrated in scenarios involving various DLP channels, it also established a platform for further research based on the data from intercepted events.
ER  -
DAUBNER, Lukáš and Adam POVAŽANEC. Data Loss Prevention Solution for Linux Endpoint Devices. Online. In \textit{ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security}. United States: Association for Computing Machinery, 2023, pp.~1-10. ISBN~979-8-4007-0772-8. Available from: https://dx.doi.org/10.1145/3600160.3605036.