Hussein, OmarHamza, NerminHefny, Hesham2020-02-132020-02-132014[1] T. Abdellatif, L. Sfaxi, R. Robbana, and Y. Lakhnech, “Automating Information Flow Control in Component-based Distributed Systems,” in Proc. of the 14th International ACM Special Interest Group on Software Engineering (SIGSOFT) Symposium on Component Based Software Engineering, Jun. 2011, pp. 73-82 [2] Adobe (2013): Digital Rights Management: To Share and Protect. [Online]. Available: http://www.adobe.com/manufacturing/resources/drm/ [3] M. Alawneh, and I. M. Abbadi, “Preventing Information Leakage between Collaborating Organisations,”in Proc. of the 10th International Conference on Electronic Commerce, 2008, pp. 1-10 [4] R. Anderson, Security Engineering: A Guide to Building Dependable Distributed Systems, Indiana, Wiley Publishing, 2008 [5] A. Arnab, and A. Hutchison, “An Evaluation Framework for DRM,”in Proc. of the 6th International Workshop for Technical, Economic and Legal Aspects of Business Models for Virtual Goods, incorporating the 4th International Open Digital Rights Language (ODRL) Workshop, Oct. 2008, pp. 176-200 [6] S. Balfe, E. Gallery, C. J. Mitchell, and K. G. Paterson, “Challenges for Trusted Computing,”IEEE Security & Privacy Magazine, vol. 6, no. 6, pp. 60-66, 2008 [7] H. Binsalleeh, T. Ormerod, A. Boukhtouta, P. Sinha, A. Youssef, M. Dbbabi, and L. Wang, “On the Analysis of the Zeus Botnet Crimeware Toolkit,” in Proc. of the 8th International Conference on Privacy, Security and Trust, Aug. 2010, pp. 31-38 [8] M. D. Bond, V. Srivastava, K. S. McKinley, and V. Shmatikov, “Efficient, Context-Sensitive Detection of Real-World Semantic Attacks,”in Proc. of the 5th ACM Workshop on Programming Languages and Analysis for Security, Jun. 2010, pp. 1-11 [9] P. Bravo, and D. F. Garcia, “Proactive Detection of Kernel-Mode Rootkits,”in Proc. of the 6th International Conference on Availability, Reliability and Security, Aug. 2011, pp. 515-520 [10] J. Caballero, C. Grier, C. Kreibich, and V. Paxson, “Measuring Pay-perInstall: The Commoditization of Malware Distribution,”in Proc. of the 20th USENIX Security Symposium, Aug. 2011, pp. 187-202 [11] M. Christodorescu, S. Jha, and C. Kruegel, “Mining Specifications of Malicious Behavior,”in Proc. of the 6th joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering, Sep. 2007, pp. 5-14 [12] Cyveillance. (2010) Cyveillance testing finds AV vendors detect on average less than 19% of malware attacks. [Online]. Available: http://www.cyveillance.com/web/blog/press-release/cyveillance-testingfinds-av-vendors-detect-on-average-less-than-19-of-malware-attacks [13] A. P. Czarnowski, “Reversing Python Objects,”Virus Bulletin, pp. 13-17, Jul. 2011 [14] D. Ferraiolo, D. Kuhn, and R. Chandramouli, Role-Based Access Control, 2nd ed., Boston, Artech House, 2007 [15] S. Forrest, S. Hofmeyr, and A. Somayaji, “The Evolution of System-Call Monitoring,”in Proc. of the 24th Annual Computer Security Applications Conference, Dec. 2008, pp. 418-430 [16] L. Franco, T. Sahama, and P. Croll, “Security Enhanced Linux to Enforce Mandatory Access Control in Health Information Systems,”in Proc. of the 2nd Australasian Workshop on Health data and Knowledge Management, Jan. 2008, pp. 27-33 [17] R. Gopalakrishna, E. H. Spafford, and J. Vitek, “Efficient Intrusion Detection Using Automaton Inlining,”in Proc. of IEEE Symposium on Security and Privacy, May 2005, pp. 18-31 [18] M. Hart, P. K. Manadhata, and R. Johnson, “Text Classification for Data Loss Prevention,”in Proc. of the 11th International Symposium on Privacy Enhancing Technologies, May 2011, pp. 18-37 [19] V. C. Hu, D. F. Ferraiolo, and D. R. Kuhn, “Assessment of Access Control Systems”. National Institute of Standards and Technology (NIST), Interagency Report 7316, 2006 [20] M. G. Kang, S. McCamant, P. Poosankam, and D. Song, “DTA++: Dynamic Analysis with Targeted Control-Flow Propagation,”in Proc. of the 18th Annual Network and Distributed System Security Symposium, Feb. 2011, pp. 269-282 [21] E. Kirda, C. Kruegel, G. Banks, G. Vigna, and R. A. Kemmerer, “Behavior-Based Spyware Detection,”in Proc. of the 15th USENIX Security Symposium, Jul. 2006, pp. 273-288 [22] C. Ko, G. Fink, and K. Levitt, “Automated Detection of Vulnerabilities in Privileged Programs By Execution Monitoring,”in Proc. of the 10th Annual Computer Security Applications Conference, Dec. 1994, pp. 134- 144 [23] M. Krohn, A. Yip, M. Brodsky, N. Cliffer, M. F. Kaashoek, E. Kohler, R. Morris, and M. Csail, “Information Flow Control for Standard OS Abstractions,”in Proc. of the 21st ACM Symposium on Operating Systems Principles, Oct. 2007, pp. 321-334 [24] M. Lennon (2011) PandaLabs: Over 5 Million New Malware Samples in Q3. [Online]. Available: http://www.securityweek.com/ pandalabs-over-5-million-new-malware-samples-q3 [25] Locklizard (2013) Information & Data Leakage: Why DRM is required for preventing information leakage. [Online]. Available: http://www. locklizard.com/information leakage.htm [26] N. Mavrogiannopoulos, N. Kisserli, and B. Preneel, “A Taxonomy of Self-Modifying Code for Obfuscation,” Elsevier Computers & Security, vol. 30, no. 8, pp. 679-691, Nov. 2011 [27] D. Mutz, F. Valeur, C. Kruege, and G. Vigna, “Anomalous System Call Detection,”ACM Transactions on Information and System Security, vol. 9, no. 1, pp. 61-93, 2006 [28] A. C. Myers, and B. Liskov,“A Decentralized Model for Information Flow Control,”in Proc. of the 16th ACM Symposium on Operating Systems Principles, Oct. 1997, pp. 129-142 (IJCSIS) International Journal of Computer Science and Information Security, Vol. 12, No. 8, August 2014 31 http://sites.google.com/site/ijcsis/ ISSN 1947-5500 [29] A. C. Myers, and B. Liskov, “Protecting Privacy Using the Decentralized Label Model,” ACM Transactions on Software Engineering and Methodology, vol. 9, no. 4, pp. 410-442, 2000 [30] J. Newsome, and D. Song, “Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software,”in Proc. of the 12th Network and Distributed System Security Symposium, Feb. 2005 [31] W. Robertson, F. Maggi, C. Kruegel, and G. Vigna, “Effective Anomaly Detection with Scarce Training Data,”in Proc. of the 17th Annual Network and Distributed System Security Symposium, Feb. 2010 [32] R. S. Sandhu, and P. Samarati, “Access Control: Principles and Practice,”IEEE Communications Magazine, pp. 40-48, Sep. 1994 [33] M. Smith. (2013) NSA leaker comes forward, warns of agency’s ’existential threat’. [Online]. Available: http://edition.cnn.com/2013/06/ 09/politics/nsa-leak-identity/index.html [34] Sophos Inc. (2010) Security Threat Report: Mid-year 2010. [Online]. Available: http://www.sophos.com/en-us/medialibrary/Gated%20Assets/ white%20papers/sophossecuritythreatreportmidyear2010wpna.pdf [35] W. Stallings, Cryptography and Network Security: Principles and Practices, 5th ed., Boston, Pearson Education, 2011 [36] Symantec Corp. (2009) Press Release: More Than Half of Ex-Employees Admit to Stealing Company Data According to New Study. [Online]. Available: http://www.symantec.com/about/news/release/article. jsp?prid=20090223 01 [37] Symantec Corp. (2013) Symantec Data Loss Prevention: Data Leak Prevention. [Online]. Available: http://www.symantec.com/theme.jsp? themeid=dlp-family [38] N. Vachharajani, M. J. Bridges, J. Chang, R. Rangan, G. Ottoni, J. A. Blome, G. A. Reis, M. Vachharajani, and D. I. August, “RIFLE: An Architectural Framework for User-Centric Information-Flow Security,”in Proc. of the 37th Annual IEEE/ACM International Symposium on Microarchitecture, December 2004, pp. 243-254 [39] Verizon RISK Team and U.S. Secret Service. (2010) Data Breach Investigations Report. [Online]. Available: http://www.verizonbusiness. com/resources/reports/rp 2010-data-breach-report en xg.pdf [40] Verizon RISK Team, U.S. Secret Service, and the Dutch High Tech Crime Unit. (2011) Data Breach Investigations Report. [Online]. Available: http://www.verizonenterprise.com/resources/reports/rp data-breach-investigations-report-2011 en xg.pdf [41] Virus BULLETIN. (2014) Heuristics: Malware detection method using rules and pattern-matching. [Online]. Available: nolinkurlhttp://www.virusbtn.com/resources/glossary/heuristics.xml [42] Websense, Inc. (2012) Web Security Suite. [Online]. Available: http: //www.websense.com/content/WebSecurity.aspx [43] WikiLeaks. (2013) http://wikileaks.org/ [44] A. R. Yumerefendi, B. Mickle, and L. P. Cox, “TightLip: Keeping applications from spilling the beans,”in Proc. of the 4th USENIX Symposium on Networked Systems Design and Implementation, April 2007, pp. 159-172 [45] N. Zeldovich, S. B. Wickizer, E. Kohler, and D. Mazieres, “Making Information Flow Explicit in HiStar,”in Proc. of the 7th USENIX Symposium on Operating Systems Design and Implementation, November 2006, pp. 263-278 [46] N. Zeldovich, S. B. Wickizer, and D. Mazieres, “Securing Distributed Systems with Information Flow Control,”in Proc. of the 5th USENIX Symposium on Networked Systems Design & Implementation, Apr. 2008, pp. 293-308 [47] W. Zeng, H. Yu, and C. Lin,Multimedia Security Technologies for Digital Rights Management, Boston, Elsevier, 2006 [48] D. Zhu, J. Jung, and D. Song, “TaintEraser: Protecting Sensitive Data Leaks Using Application-Level Taint Tracking,”ACM Special Interest Group on Operating Systems (SIGOPS) Operating System Review, vol. 45, no. 1, pp. :142-154, 2011https://t.ly/5X6zXMSA Google ScholarInformation leakage attacks represent a serious threat for their widespread and devastating effects. Their significance stems from the fact that they are committed by an organization’s authorized computer users, and/or processes executing on their behalf. The diverse avenues that could be exploited to carry out such attacks add another barrier towards addressing them. Based on literature review, this paper explores strengths of security measures intended to confront information leakage attacks, and focuses on pinpointing their respective limitations. It demonstrates that only few of them are capable of mitigating such attacks, whereas the rest suffer from conceptual and/or implementation-related limitations that render them vulnerable to circumvention. They are basically prone to high false positive and/or false negative rates, complex to apply, inflexible during execution, suffer from degraded performance, or require hardware modification. Most importantly, neither of them provides a remedy for new undeteenOctober University for University of Information Security, Information Leakage, Security Measures, Security LimitationsLimitations of current security measures to address information leakage attacksArticle