Abstract:
Information leakage attacks represent a serious
threat for their widespread and devastating effects. Their significance stems from the fact that they are committed by
an organization’s authorized computer users, and/or processes
executing on their behalf. The diverse avenues that could be
exploited to carry out such attacks add another barrier towards addressing them. Based on literature review, this paper
explores strengths of security measures intended to confront
information leakage attacks, and focuses on pinpointing their
respective limitations. It demonstrates that only few of them are
capable of mitigating such attacks, whereas the rest suffer from
conceptual and/or implementation-related limitations that render
them vulnerable to circumvention. They are basically prone to
high false positive and/or false negative rates, complex to apply,
inflexible during execution, suffer from degraded performance,
or require hardware modification. Most importantly, neither of
them provides a remedy for new undete