METHOD AND APPARATUS FOR DETECTING UNAUTHORIZED BULK FORWARDING OF SENSITIVE DATA OVER A NETWORK
摘要
Methods and apparatus are provided for detecting unauthorized bulk forwarding of sensitive data over a network. A bulk forwarding of email from a first network environment is automatically detected by determining an arrival rate for internal emails received from within the first network environment into one or more user accounts; determining a sending rate for external emails sent from the one or more user accounts to a second network environment; and detecting the bulk forwarding of email from a given user account by comparing the arrival rate for internal emails and the sending rate for external emails. The bulk forwarding of email from a given user account can be detected by determining whether statistical models of the arrival rate for internal emails and of the sending rate for external emails are correlated in time.
申请公布号
CA2874097(A1)
申请公布日期
2013.12.19
申请号
CA20132874097
申请日期
2013.03.21
申请人
INTERNATIONAL BUSINESS MACHINES CORPORATION
发明人
CHRISTODORESCU, MIHAI;RAO, JOSYULA R.;SAILER, REINER;SCHALES, DOUGLAS LEE