Privacy-Preserving Data Exfiltration Monitoring Using Homomorphic Encryption

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Scopus citations

Abstract

Monitoring and encryption are essential to secure today's computer networks. Monitoring network traffic data can be especially useful to protect against data exfiltration by detecting signatures in file metadata to identify especially sensitive files that should not be publicly released. Encryption restricts the visibility of signatures, but this may be needed because some signatures used to protect against data exfiltration may themselves be sensitive, as knowledge of signatures could help adversaries circumvent monitoring. We present results on a prototype exfiltration guard to securely and privately monitor flows of encrypted information for encrypted signatures without requiring the decryption of the data flows or the signatures or the sharing of decryption keys. Our approach is based on using homomorphic encryption to enables secure computing on encrypted data. We show experimental results with a prototype proof-of-concept encrypted data guard running on a commodity computing hardware. These designs point to possible future advances driven by ongoing homomorphic encryption improvements to compute on encrypted data for more advanced and secure filtering and exfiltration protection schemes.

Original languageEnglish (US)
Title of host publicationProceedings - 2nd IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2015 - IEEE International Symposium of Smart Cloud, IEEE SSC 2015
EditorsTao Zhang, Sajal K. Das, Tao Zhang, Meikang Qiu
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages48-53
Number of pages6
ISBN (Electronic)9781467392990
DOIs
StatePublished - Jan 4 2016
Event2nd IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2015 - New York, United States
Duration: Nov 3 2015Nov 5 2015

Publication series

NameProceedings - 2nd IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2015 - IEEE International Symposium of Smart Cloud, IEEE SSC 2015

Other

Other2nd IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2015
CountryUnited States
CityNew York
Period11/3/1511/5/15

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality

Keywords

  • Data Guard
  • Homomorphic Encryption
  • Security

Fingerprint Dive into the research topics of 'Privacy-Preserving Data Exfiltration Monitoring Using Homomorphic Encryption'. Together they form a unique fingerprint.

Cite this