Data exfiltration: methods and detection countermeasures

James King, Gueltoum Bendiab, Nick Savage, Stavros Shiaeles

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1016 Downloads (Pure)


Data exfiltration is of increasing concern throughout the world. The number of incidents and capabilities of data exfiltration attacks are growing at an unprecedented rate. However, such attack vectors have not been deeply explored in the literature. This paper aims to address this gap by implementing a data exfiltration methodology, detailing some data exfiltration methods. Groups of exfiltration methods are incorporated into a program that can act as a testbed for owners of any network that stores sensitive data. The implemented methods are tested against the well-known network intrusion detection system Snort, where all of them have been successfully evaded detection by its community rule sets. Thus, in this paper, we have developed new countermeasures to prevent and detect data exfiltration attempts using these methods.
Original languageEnglish
Title of host publication2021 IEEE International Conference on Cyber Security and Resilience (CSR)
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781665402859
ISBN (Print)9781665402866
Publication statusPublished - 6 Sept 2021
Event2021 IEEE International Conference on Cyber Security and Resilience - Virtual
Duration: 26 Jul 202128 Jul 2021


Conference2021 IEEE International Conference on Cyber Security and Resilience
Abbreviated titleIEEE CSR
Internet address


  • Data exfiltration
  • security
  • Cyberattack
  • steganography
  • countermeasures
  • Intrusion Detection System


Dive into the research topics of 'Data exfiltration: methods and detection countermeasures'. Together they form a unique fingerprint.

Cite this