Supervised by: Ministry of Industry and Information Technology of The People's Republic of China
Sponsored by: Harbin Institute of Technology
Editor-in-chief: Yu Zhou
ISSN 1005-9113
CN 23-1378/T

Related citation: Jing Xu, Fei Xu, Xiao-Jun Chen, Jin-Qiao Shi, Cheng Qi. Empirical Evaluation of Information Leakage Detection Using Net-flow Analysis[J]. Journal of Harbin Institute Of Technology (New Series), 2014, 21(6): 16-21. DOI: 10.11916/j.issn.1005-9113.2014.06.004.
Empirical Evaluation of Information Leakage Detection Using Net-flow Analysis
Author Name: Affiliation
Jing Xu: Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China; Dept. of Computer Science, Beijing University of Technology, Beijing 100124, China
Fei Xu: Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
Xiao-Jun Chen: Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
Jin-Qiao Shi: Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
Cheng Qi: Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
Abstract:
Because of the wide spread of Trojans, organizations and Internet users have become more vulnerable to the threat of information leakage. This paper describes an information leakage detection system (ILDS) to detect sensitive information leakage caused by Trojans. In particular, the principles of the system are based on the analysis of net-flows from four perspectives: heartbeat behavior analysis, DNS abnormal analysis, upload-download ratio and content analysis. Heartbeat behavior analysis and DNS abnormal analysis are used to detect the existence of Trojans, while upload-download ratio and content analysis can quickly detect when information leakage happens. Experiments indicate that the system is reliable and efficient in detecting information leakage. The system can also help to collect and preserve digital evidence when an information leakage incident occurs.
Key words: information leakage; heartbeat behavior; Trojan detection; digital forensics
DOI: 10.11916/j.issn.1005-9113.2014.06.004
CLC Number: TP391.7