iLeak: A Lightweight System for Detecting Inadvertent Information Leaks

Data loss incidents, where data of sensitive nature are exposed to the public, have become too frequent and have caused damages of millions of dollars to companies and other organizations. Repeatedly, information leaks occur over the Internet, and half of the time they are accidental, caused by user negligence, misconfiguration of software, or inadequate understanding of an application’s functionality. This paper presents iLeak, a lightweight, modular system for detecting inadvertent information leaks. Unlike previous solutions, iLeak builds on components already present in modern computers. In particular, we employ system tracing facilities and data indexing services, and combine them in a novel way to detect data leaks. Our design consists of three components: uaudits are responsible for capturing the information that exits the system, while Inspectors use the indexing service to identify if the transmitted data belong to files that contain potentially sensitive information. The Trail Gateway handles the communication and synchronization of uaudits and Inspectors. We implemented iLeak on Mac OS X using DTrace and the Spotlight indexing service. Finally, we show that iLeak is indeed lightweight, since it only incurs 4% overhead on protected applications.

[1]  Bryan Cantrill,et al.  Dynamic Instrumentation of Production Systems , 2004, USENIX Annual Technical Conference, General Track.

[2]  Brad Chen,et al.  Locating System Problems Using Dynamic Instrumentation , 2010 .

[3]  M. Eric Johnson,et al.  Inadvertent Disclosure - Information Leaks in the Extended Enterprise , 2007, WEIS.

[4]  Alfred V. Aho,et al.  The awk programming language , 1988 .

[5]  Andrew C. Myers,et al.  Protecting privacy using the decentralized label model , 2000, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].

[6]  Towards Quantification of Network-Based Information Leaks via HTTP , 2008, HotSec.

[7]  Herbert Bos,et al.  Argos: an emulator for fingerprinting zero-day attacks for advertised honeypots with automatic signature generation , 2006, EuroSys.

[8]  Andrew S. Tanenbaum,et al.  A Virtual Machine Based Information Flow Control System for Policy Enforcement , 2008, Electron. Notes Theor. Comput. Sci..

[9]  Andrew C. Myers,et al.  JFlow: practical mostly-static information flow control , 1999, POPL '99.

[10]  Eddie Kohler,et al.  Making information flow explicit in HiStar , 2006, OSDI '06.

[11]  Michael Backes,et al.  Automatic Discovery and Quantification of Information Leaks , 2009, 2009 30th IEEE Symposium on Security and Privacy.

[12]  William W. Cohen,et al.  CutOnce-Recipient Recommendation and Leak Detection in Action , 2008 .

[13]  Tal Garfinkel,et al.  Understanding data lifetime via whole system simulation , 2004 .

[14]  Steve Vandebogart,et al.  Labels and event processes in the Asbestos operating system , 2005, TOCS.

[15]  William W. Cohen,et al.  Preventing Information Leaks in Email , 2007, SDM.

[16]  M. Desnoyers,et al.  Combined Tracing of the Kernel and Applications with LTTng , 2010 .