See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/343391577

Data Leak Prevention System: A Survey

Article · September 2019

CITATIONS READS

10 660

2 authors:

Prasad J. Jadhav Pramila M. Chawan

Kolhapur Institute Of Technology's College Of Engineering Veermata Jijabai Technological Institute
8 PUBLICATIONS 13 CITATIONS 184 PUBLICATIONS 759 CITATIONS

SEE PROFILE SEE PROFILE

All content following this page was uploaded by Pramila M. Chawan on 03 August 2020.

The user has requested enhancement of the downloaded file.

 International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056
Volume: 06 Issue: 09 | Sep 2019 www.irjet.net p-ISSN: 2395-0072

Data Leak Prevention System: A Survey

Prasad Jadhav1, P. M. Chawan2
1M. Tech Student, Department of Computer Engineering and IT, VJTI College, Maharashtra, India
2Associate Professor, Department of Computer Engineering and IT, VJTI College, Maharashtra, India
---------------------------------------------------------------------***---------------------------------------------------------------------
Abstract - In recent years, many companies and institutions serious damage to any organization. Any organization will
tend to keep most of their data in digital format. There is a want to protect themselves from threats like declining
large specter of information stored by such entities, like revenue, tarnished reputation, massive financial penalties or
medical records, contracts, internal procedures, etc. that can lawsuits. There are many different types of data leak like
be considered as being confidential, thus protecting them is a Accidental Breach, Disgruntled or Ill-Intentioned Employee,
great concern. Since employees have access to such Electronic Communications with Malicious Intent, etc. and it
information, either by negligence or bad intention, they could is important to understand that the problem can be initiated
leak the information. Hence, information security has become via an internal or external source. The following are common
a big concern for the organizations. causes of data loss.
1. Natural Disaster: Your hard drive can be damaged
In this article we propose a software architecture known as due to fire, flood or some other unforeseen
Data Leak Prevention System that can achieve the goals of disasters. However, the data can still be retrieved in
information security of the organizations. This architecture is such situations.
designed to highly regulate access to private data, and
furthermore, to identify which parts of the system can be
subjected to external hacking or inside attacks. 2. Accidental Damage: If a drive or disk is
mishandled or accidentally dropped, this may cause
The proposed architecture focuses mainly on preventing trauma and loss of data. Data recovery is also
massive data leaks. The architecture guarantees that any possible in this case.
access to sensitive data is logged into an external system
which cannot be affected by the attackers.
3. Accidental drive format: Sometimes users
Key Words: Data Leak Prevention accidentally format their drives and this results in
instant loss of data. However, it is possible to
1.INTRODUCTION recover your data in a situation like this. Users can
get help from the experts.
This Currently, security has become an essential factor in our
day to day life. Security is required in Industrial sector as
well as government sector. A malicious attacker can use 4. Accidental Deletion of Data: There are times when
various methods to access the private information. To avoid you accidentally delete a file or a program from
this is one of the goals of the information security. As we your hard drive. This is an unintentional deletion
know that we require security in our daily life, similarly we which may go unnoticed for a long time.
need to implement various strategies to secure the Administrative errors also fall under this category.
information. The best way is to think carefully before you delete
any data or program.
Data leak is the unauthorized exchange of data between an
organization and an external destination or recipient. A data
breach or data leak is the release of confidential or sensitive
information to the unauthorized users. Data leak can happen 5. Intentional Deletion of Data: You may have
because of a programmer assault, intentional leak by deleted a file intentionally from your system and
employees of the organization, or unintentional loss or later decided you wanted the file back. You can still
exposure of data. It implies that the data is transferred recover your data from the recycle bin. If you have
electronically or physically. Data leak usually occurs via the emptied your recycle bin, you can use software
web and email. It can also occur via mobile data storage recover deleted recycle bin files.
devices such as optical media, USB keys, and laptops.
6. Corrupted Data: If your file system or database is
Data leak is also known as data theft and is a huge problem corrupted, then it will inevitably lead to loss data. At
for data security. Regardless of size or industry, it can cause the same time, it is possible to recover data from a

© 2019, IRJET | Impact Factor value: 7.34 | ISO 9001:2008 Certified Journal | Page 1
 International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056
Volume: 06 Issue: 09 | Sep 2019 www.irjet.net p-ISSN: 2395-0072

corrupt file system using an appropriate software Data Leak Prevention (DLP) systems are increasingly being
tool. implemented by various organizations. Unlike the standard
security mechanisms such as firewalls and intrusion
7. Power Failure: If you experience power failure
detection systems (IDS), the DLP systems are designated
before you have the opportunity to save your work,
systems which are used to protect in use, in transit and at
you may lose valuable data. It is better to keep
rest data. DLP system analytically uses the content and
saving as your work.
surrounding context of confidential data to detect and
prevent unauthorized access to confidential data. DLP
system that use content analysis techniques are largely
8. Software Failure: When the application software
dependent upon regular expressions, data fingerprinting,
suddenly crashes or freezes while working, this may
and statistical analysis to detect data leaks.
result in severe damage to the hard drive. This
causes the program close suddenly and all unsaved
work is lost.
2. LITRATURE REVIEW

9. Virus Attack: If a machine is deeply infected by The following are various methods to implement Data
Leak Prevention System:
viruses and worms, spyware, adware and some
deadly computer parasites, this can lead to total
corruption and loss of data. Installing a very good
1. Implementation of a single centralized DLP program:
anti-virus program will reduce the possibility of
having a fatal virus attack.
Many enterprises and business units implement
inconsistent and ad hoc DLP systems. This inconsistency
10. Malicious Attack: Professional hackers or results in lack of visibility into data assets and weak data
competitors can invade into the system and destroy security. Also, the employees tend to ignore department DLP
it. This will obviously lead to loss of data. programs that the rest of the organization does not support.

Data Leak Prevention (DLP) is the practice of detecting and 2. Evaluation of Internal Resources:
preventing data breaches, exfiltration, or unwanted
destruction of sensitive data. Organizations use DLP to
protect their data and comply with regulations and policies. To create and implement a DLP system, an organization
The term DLP refers to defending organizations against both needs skilled personnel with DLP technical expertise,
data loss and data leak prevention. The term data leak refers including DLP risk analysis, data leak response and reporting,
to an event in which important information to the data protection laws, and DLP training and awareness. Some
organization is leaked to the unauthorized environment. government regulations and policies make it mandatory for
Data leak prevention focuses on preventing illicit transfer of the organizations to either employ internal staff or retain
data outside the institutional boundaries. external consultants with data protection knowledge.

3. Conducting an Inventory and Assessment:

An evaluation of the types of data and their value to the

organization serve as prerequisites in implementation of a
DLP program. This involves identification of relevant data,
determining the location of data, and whether it is intellectual
property, confidential information, or data that regulations
address. DLP products like McAfee DLP are capable of
identifying the information assets by scanning the metadata
of files and cataloging the result, or by opening the files to
analyze the content. The next step is the evaluation of risk
associated with each type of data. In addition to this, data exit
points and the cost to the organization in case of data loss are
also considered.

Figure 1. DLP: Data Leak Prevention Model

© 2019, IRJET | Impact Factor value: 7.34 | ISO 9001:2008 Certified Journal | Page 2
 International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056
Volume: 06 Issue: 09 | Sep 2019 www.irjet.net p-ISSN: 2395-0072

4. Implementation in Phases: 3. DLP ARCHITECTURE

Implementation of DLP is a long-term process. The best

way is to implement DLP in stages. The most effective
approach is to prioritize the types of data and communication
channels. Likewise, implementation of DLP software
components or modules as needed, based on the
organization's priorities should be considered rather than
implementing it all at once.

5. Creating a Classification System:

Before an organization can create and implement DLP

policies, it needs a data classification framework or taxonomy
for both unstructured and structured data. Data security can
be classified as confidential, internal, public, personally
identifiable information (PII), financial data, regulated data,
intellectual property, and others. DLP products can scan data Figure 2. Data Leak Prevention System Architecture
using various methods, which helps the organization to
identify the key categories of data. The DLP software The data in an organization is classified into three security
automates classification and users can select and customize classes as top secret, restricted and unrestricted. Whenever
the categories. Content owners can also visually evaluate the user wants to send data over the internet, this
certain types of content that cannot be identified using simple information will be monitored by the DLP system. The
keywords or phrases. system will calculate the semantic similarity and check
whether the data is top secret, restricted or unrestricted. If
the data is unrestricted, the user can send the information. If
6. Establishment of Data Handling and Remediation it is restricted or top secret, the user will not be allowed to
Policies: send this information as it may lead to intentional or
unintentional data leak.
After creating the classification framework for data, the
The organizations can set policies for the users based on
next step is to create policies for handling various types of
which the DLP system will monitor their activities. Since the
data. The DLP policies for handling sensitive data are
specified by the Government requirements. DLP solutions information is classified into security classes, documents
typically apply policies based on various regulations like which are restricted can be detected and remedial actions
HIPAA or GDPR. The policies as per the needs of the such as blocks, alerts, and quarantines can be undertaken.
organization are customized by the DLP staff. The DLP
enforcement products monitor outgoing channels (like email 4.CONCLUSIONS
and web chat) and provide options for handling potential
security breaches in order to administer the policies. For In this paper, a Data Leak Prevention System is proposed to
example, if an employee is about to send an email with a detect and prevent the data from the leak, thereby achieving
sensitive attachment, he might receive a pop-up that suggests the security goals of an organization. The proposed
encrypting the message. The system can block it completely technique has been tested against different scenarios in
or redirect it to the line manager. The response is based on which the DLP system dealt with various types of data. This
rules and policies established by the organization.
technique is simple, easy to implement, and can be useful for
many organizations.
7. Education and Training of Employees:
REFERENCES

Employee awareness and acceptance of security policies is [1] S. Czerwinski, R. Fromm, and T. Hodes, “Digital Music
essential for DLP system. Online training, classes, periodic Distribution and Audio Watermarking,
”http://www.scientificcommons.org/430256 58, 2007.
emails, and posters can improve employee understanding of Available at: www.researchpublications.org NCAICN-
the importance of data security and enhance their ability to 2013, PRMITR,Badnera 399
follow recommended best DLP approach [2] Y. Li, V. Swarup, and S. Jajodia, “Fingerprinting
Relational Databases: Schemes and Specialties,” IEEE

© 2019, IRJET | Impact Factor value: 7.34 | ISO 9001:2008 Certified Journal | Page 3
 International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056
Volume: 06 Issue: 09 | Sep 2019 www.irjet.net p-ISSN: 2395-0072

Trans. Dependable and Secure Computing, vol. 2, no. 1,

pp. 34-45, Jan.-Mar. 2015.
[3] Y. Cui and J. Widom, “Lineage Tracing for General Data
Warehouse Transformations,” The VLDB J., vol. 12, pp.
41-58, 2014.
[4] Panagiotis Papadimitriou and Hector Garcia-Molina,
“Data Leakage Detection,” IEEE Trans, Knowledge and
Data Engineering, vol. 23, no. 1, January 2013.
[5] P. Bonatti, S.D.C. di Vimercati, and P. Samarati, “An
Algebra for Composing Access Control Policies,” ACM
Trans. Information and System Security, vol. 5, no. 1,
pp.1-35, 2011.

BIOGRAPHIES (Optional not mandatory )

Prasad Jadhav is currently

persuing M. Tech from VJTI COE,
Mumbai. He has done his B.E.(IT)
from Sardar Patel Institute of
Technology

Pramila M. Chawan is working as

an Associate Professor in the
Computer Engineering Department
of VJTI, Mumbai. She has done her
B. E.(Computer Engg.) and M.E
(Computer Engineering) from
VJTI COE, Mumbai University. She
has 27 years of teaching
experience and has guided 75+ M.
Tech. projects and 100+ B. Tech.
projects. She has published 99
papers in the International
Journals, 21 papers in the
National/International
conferences/symposiums. She has
worked as an Organizing
Committee member for 13
International Conferences, one
National Conference and 4 AICTE
workshops. She has worked as
NBA coordinator of Computer
Engineering Department of VJTI
for 5 years. She had written
proposal for VJTI under TEQIP-I in
June 2004 for creating Central
Computing Facility at VJTI. Rs.
Eight Crore (Rs. 8,00,00,000/-)
were sanctioned by the World
Bank on this proposal.

© 2019, IRJET | Impact Factor value: 7.34 | ISO 9001:2008 Certified Journal | Page 4

View publication stats