Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Technical Note

Insider Threat Control: Using Plagiarism Detection Algorithms to Prevent Data Exfiltration in Near Real Time

  • October 2013
  • By Todd Lewellen, George Silowash, Daniel L. Costa
  • In this report, the authors describe how an insider threat control can monitor an organization's web request traffic for text-based data exfiltration.
  • Insider Threat
  • Publisher: Software Engineering Institute
    CMU/SEI Report Number: CMU/SEI-2013-TN-008
  • Abstract

    In organizations with access to the internet, the potential for data leakage is ever present. Data loss prevention is a difficult issue because exfiltration channels, such as modern webmail services, are readily available to insiders. An insider can paste text into a webmail message to bypass other controls. Therefore, monitoring must include the content of this communication. A data loss prevention control determines if the content in outgoing web requests is similar to the organization's intellectual property, actively blocks suspicious requests, and logs these events. This technical note describes how a control can monitor web request traffic for text-based data exfiltration attempts and block them in real time. Using this control can help an organization protect text-based intellectual property, including source code repositories.

  • Download

Cite This Report

SEI

Lewellen, Todd; Silowash, George; & Costa, Daniel. Insider Threat Control: Using Plagiarism Detection Algorithms to Prevent Data Exfiltration in Near Real Time. CMU/SEI-2013-TN-008. Software Engineering Institute, Carnegie Mellon University. 2013. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=64680

IEEE

Lewellen. Todd, Silowash. George, and Costa. Daniel, "Insider Threat Control: Using Plagiarism Detection Algorithms to Prevent Data Exfiltration in Near Real Time," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Technical Note CMU/SEI-2013-TN-008, 2013. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=64680

APA

Lewellen, Todd., Silowash, George., & Costa, Daniel. (2013). Insider Threat Control: Using Plagiarism Detection Algorithms to Prevent Data Exfiltration in Near Real Time (CMU/SEI-2013-TN-008). Retrieved March 24, 2017, from the Software Engineering Institute, Carnegie Mellon University website: http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=64680

CHI

Todd Lewellen, George Silowash, & Daniel Costa. Insider Threat Control: Using Plagiarism Detection Algorithms to Prevent Data Exfiltration in Near Real Time (CMU/SEI-2013-TN-008). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2013. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=64680

MLA

Lewellen, Todd., Silowash, George., & Costa, Daniel. 2013. Insider Threat Control: Using Plagiarism Detection Algorithms to Prevent Data Exfiltration in Near Real Time (Technical Report CMU/SEI-2013-TN-008). Pittsburgh: Software Engineering Institute, Carnegie Mellon University. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=64680

BibTex

@techreport{LewellenInsiderThreat2013,
title={Insider Threat Control: Using Plagiarism Detection Algorithms to Prevent Data Exfiltration in Near Real Time},
author={Todd Lewellen and George Silowash and Daniel Costa},
year={2013},
number={CMU/SEI-2013-TN-008},
institution={Software Engineering Institute, Carnegie Mellon University},
address={Pittsburgh, PA},
url={http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=64680} }