METHOD AND SYSTEM FOR DETECTING AND PREVENTING DATA EXFILTRATION ATTACKS

摘要

A method and system for detecting and preventing data exfiltration attacks is disclosed. The system includes a manager device and an endpoint device, and an attack prevention device. The method includes detecting, at plurality of endpoint devices, downloads made at endpoint devices using Simple Network Management Protocol (SNMP) proxy. Next, the method includes mirroring network traffic associated with the downloads. The method further includes providing the mirrored network traffic as an input to a deep learning model, wherein the deep learning model detects presence of malware in the downloads. Finally, the method involves sending, by the manager device, an alert to one or more devices to prevent, recover, or mitigate data exfiltration attacks.