DLP-Visor: A hypervisor-based data leakage prevention system

Guy Amit, Amir Yeshooroon, Michael Kiperberg, Nezer J. Zaidenberg

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, peer-review

Abstract

Data theft by insiders is considered by many organisations to be one of the most serious threats. Data leakage prevention (DLP) systems attempt to prevent intentional or accidental disclosure of sensitive information by monitoring the content or the context in which the information is transferred, for example, in a file system, an email server, instant messengers. We present a context-sensitive DLP system, called DLP-Visor, which is implemented as a thin hypervisor capable of intercepting system calls in Windows operating systems equipped with Kernel Patch Protection. By intercepting system calls that govern the file system, inter-process communications, networking, system register and system clipboard, DLP-Visor guarantees that sensitive information can never leave a predefined set of directories. The performance overhead of DLP-Visor (7.2%) allows its deployment in real-world applications.

Original language: American English
Title of host publication: ICISSP 2021 - Proceedings of the 7th International Conference on Information Systems Security and Privacy
Editors: Paolo Mori, Lenzini Gabriele, Steven Furnell, Gabriele Lenzini
Pages: 416-423
Number of pages: 8
ISBN (Electronic): 9789897584916
State: Published - 1 Jan 2021
Externally published: Yes
Event: 7th International Conference on Information Systems Security and Privacy, ICISSP 2021 - Virtual, Online
Duration: 11 Feb 2021 - 13 Feb 2021

Publication series

Name: ICISSP 2021 - Proceedings of the 7th International Conference on Information Systems Security and Privacy

Conference

Conference: 7th International Conference on Information Systems Security and Privacy, ICISSP 2021
City: Virtual, Online
Period: 11/02/21 - 13/02/21

Keywords

  • Data Leakage Prevention
  • Hypervisors
  • Trusted Computing Base
  • Virtual Machine Monitors

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Computer Science Applications
  • Information Systems
  • Safety, Risk, Reliability and Quality
  • Computer Science (miscellaneous)
