TY - GEN
T1 - DLP-Visor
T2 - 7th International Conference on Information Systems Security and Privacy, ICISSP 2021
AU - Amit, Guy
AU - Yeshooroon, Amir
AU - Kiperberg, Michael
AU - Zaidenberg, Nezer J.
N1 - Publisher Copyright: Copyright © 2021 by SCITEPRESS – Science and Technology Publications, Lda. All rights reserved
PY - 2021
Y1 - 2021
N2 - Data theft by insiders is considered by many organisations to be one of the most serious threats. Data leakage prevention (DLP) systems attempt to prevent intentional or accidental disclosure of sensitive information by monitoring the content or the context in which the information is transferred, for example, in a file system, an email server, instant messengers. We present a context-sensitive DLP system, called DLP-Visor, which is implemented as a thin hypervisor capable of intercepting system calls in Windows operating systems equipped with Kernel Patch Protection. By intercepting system calls that govern the file system, inter-process communications, networking, system register and system clipboard, DLP-Visor guarantees that sensitive information can never leave a predefined set of directories. The performance overhead of DLP-Visor (7.2%) allows its deployment in real-world applications.
KW - Data Leakage Prevention
KW - Hypervisors
KW - Trusted Computing Base
KW - Virtual Machine Monitors
UR - http://www.scopus.com/inward/record.url?scp=85103036061&partnerID=8YFLogxK
U2 - 10.5220/0010221104160423
DO - 10.5220/0010221104160423
M3 - Conference contribution
AN - SCOPUS:85103036061
SN - 9789897584916
T3 - International Conference on Information Systems Security and Privacy
SP - 416
EP - 423
BT - ICISSP 2021 - Proceedings of the 7th International Conference on Information Systems Security and Privacy
A2 - Mori, Paolo
A2 - Lenzini, Gabriele
A2 - Furnell, Steven
PB - Science and Technology Publications, Lda
Y2 - 11 February 2021 through 13 February 2021
ER -