About the Authors
Acknowledgments
Acronyms
Abstract

1 Introduction
  1.1 Data Exfiltration Methods
  1.2 Important Questions
  1.3 Book Scope
  1.4 Book Summary
  1.5 Book Structure

2 Background
  2.1 Hidden Markov Model
  2.2 Memory Forensics
  2.3 Bag-of-Words Model
  2.4 Sparse Distributed Representation
  2.5 Summary

3 Data Security Threats
  3.1 Data Security
  3.2 Security vs. Protection vs. Privacy
  3.3 Advanced Persistent Threats Attacks
  3.4 Cybersecurity Threats
  3.5 Conclusion

4 Use Cases Data Leakage Attacks
  4.1 Most Significant Attacks
  4.2 Top Infection Vectors
  4.3 Top Threats of Recent Years
  4.4 Malware Development Trends
  4.5 Geographic Trends
  4.6 Industry Trends
  4.7 Conclusion

5 Survey on Building Block Technologies
  5.1 Motivation
  5.2 Background
  5.3 Taxonomy
  5.4 Supervised Learning Methods
  5.5 Systematic Literature Review
  5.6 Evaluation of Supervised Learning Methods
  5.7 Key Open Problems
  5.8 Summary

6 Behavior-Based Data Exfiltration Detection Methods
  6.1 Motivation
  6.2 Existing Methods
  6.3 Sub-Curve HMM Method
  6.4 Evaluation
  6.5 Experimental Results
  6.6 Discussion
  6.7 Summary

7 Memory-Based Data Exfiltration Detection Methods
  7.1 Motivation
  7.2 Existing Methods
  7.3 Concepts
  7.4 Fast Lookup Bag-of-Words (FBoW)
  7.5 Evaluation
  7.6 Summary

8 Temporal-Based Data Exfiltration Detection Methods
  8.1 Motivation
  8.2 Existing Methods
  8.3 Definitions
  8.4 Temporary Memory Bag-of-Words (TMBoW)
  8.5 Experimental Results
  8.6 Summary

9 Conclusion
  9.1 Summary
  9.2 What Is Innovative in the Described Methods?
  9.3 What Is Next?

Index

Zahir Tari is Professor at RMIT and Research Director of the RMIT Centre of Cyber Security Research and Innovation.

Nasrin Sohrabi received a PhD in Computer Science from RMIT University, Australia. She is a Postdoctoral Research Fellow in the Cloud, Systems and Security discipline, School of Computing Technologies, RMIT University, and a core member of the RMIT Centre of Cyber Security Research and Innovation (CCSRI). She has several publications in highly ranked conferences and journals, including ICDE, IEEE Transactions on Services Computing, ACM Computing Surveys, IEEE Transactions on Transportation Systems, and IEEE Transactions on Smart Grids.

Yasaman Samadi is a PhD student in Computer Science at RMIT University, Australia, and a researcher in Quantum Cybersecurity. Yasaman has a Master's in Computer Architecture and worked as a quantum engineer at QBee.

Jakapan Suaboot received his PhD in Cybersecurity from RMIT, Australia. He previously worked as a Lecturer in the Department of Computer Engineering at Prince of Songkla University, Phuket, Thailand.