Abstract
Monitoring and encryption are essential to secure today's computer networks. Monitoring network traffic data can be especially useful to protect against data exfiltration by detecting signatures in file metadata to identify especially sensitive files that should not be publicly released. Encryption restricts the visibility of signatures, but this may be needed because some signatures used to protect against data exfiltration may themselves be sensitive, as knowledge of signatures could help adversaries circumvent monitoring. We present results on a prototype exfiltration guard to securely and privately monitor flows of encrypted information for encrypted signatures without requiring the decryption of the data flows or the signatures or the sharing of decryption keys. Our approach is based on using homomorphic encryption to enables secure computing on encrypted data. We show experimental results with a prototype proof-of-concept encrypted data guard running on a commodity computing hardware. These designs point to possible future advances driven by ongoing homomorphic encryption improvements to compute on encrypted data for more advanced and secure filtering and exfiltration protection schemes.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
