{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T10:26:43Z","timestamp":1743157603008,"version":"3.40.3"},"publisher-location":"Cham","reference-count":28,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031365737"},{"type":"electronic","value":"9783031365744"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-36574-4_25","type":"book-chapter","created":{"date-parts":[[2023,7,15]],"date-time":"2023-07-15T13:01:58Z","timestamp":1689426118000},"page":"417-434","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Cyber Crime Undermines Data Privacy Efforts \u2013 On the Balance Between Data Privacy and\u00a0Security"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5789-8558","authenticated-orcid":false,"given":"Michael","family":"Mundt","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9254-6398","authenticated-orcid":false,"given":"Harald","family":"Baier","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2023,7,16]]},"reference":[{"key":"25_CR1","doi-asserted-by":"crossref","unstructured":"Ullah, F., Edwards, M., Ramdhany, R., Chitchyan, R., Babar, M.A., Rashid, A.: Data exfiltration: a review of external attack vectors and countermeasures. J. Netw. Comput. Appl. 101(2), 18\u201354 (2017). https:\/\/eprints.lancs.ac.uk\/id\/eprint\/88549\/1\/1_s2.0_S1084804517303569_main.pdf","DOI":"10.1016\/j.jnca.2017.10.016"},{"key":"25_CR2","doi-asserted-by":"crossref","unstructured":"Belshe, M., Peon, R., Thomson, M.: Hypertext transfer protocol version 2 (HTTP\/2) (2015). https:\/\/datatracker.ietf.org\/doc\/html\/rfc7540. Accessed 07 Mar 2021","DOI":"10.17487\/RFC7540"},{"key":"25_CR3","unstructured":"Cory Benfield. Hyper: HTTP\/2 client for python (2015). https:\/\/hyper.readthedocs.io\/en\/latest\/. Accessed 13 Mar 2022"},{"key":"25_CR4","doi-asserted-by":"crossref","unstructured":"Semal, B., Markantonakis, K., Mayes, K., Kalbantner, J.: One covert channel to rule them all: a practical approach to data exfiltration in the cloud. In: 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) TRUSTCOM Trust, pp. 328\u2013336 (2020)","DOI":"10.1109\/TrustCom50675.2020.00053"},{"key":"25_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1007\/978-3-319-44760-5_2","volume-title":"Privacy Technologies and Policy","author":"F Bieker","year":"2016","unstructured":"Bieker, F., Friedewald, M., Hansen, M., Obersteller, H., Rost, M.: A process for data protection impact assessment under the European general data protection regulation. In: Schiffner, S., Serna, J., Ikonomou, D., Rannenberg, K. (eds.) APF 2016. LNCS, vol. 9857, pp. 21\u201337. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-44760-5_2"},{"key":"25_CR6","unstructured":"Darktrace Blog and Dianna Leddy. Double extortion-ransomware (2021). https:\/\/www.darktrace.com\/de\/blog\/double-extortion-ransomware\/?utm_source=xing &utm_medium=static-awareness-de &utm_campaign=campaign_socialmedia &dclid=CMnvw4O-2vICFdJD4AodzLAPWw. Accessed 22 Oct 2021"},{"key":"25_CR7","unstructured":"European Data Protection Board. Guidelines 01\/2021 on examples regarding data breach notification, version 2.0 (2021). https:\/\/edpb.europa.eu\/system\/files\/2022-01\/edpb_guidelines_012021_pdbnotification_adopted_en.pdf. Accessed 06 Mar 2022"},{"key":"25_CR8","unstructured":"Cloudflare. What happens in a TLS handshake? | SSL handshake (2022). https:\/\/www.cloudflare.com\/learning\/ssl\/what-happens-in-a-tls-handshake\/. Accessed 13 Mar 2021"},{"key":"25_CR9","unstructured":"MITRE Corporation. MITRE ATT &CK framework (2021). https:\/\/attack.mitre.org\/. Accessed 04 Mar 2021"},{"key":"25_CR10","unstructured":"MITRE Corporation. MITRE ATT &CK navigator (2021). https:\/\/mitre-attack.github.io\/attack-navigator\/. Accessed 04 Mar 2021"},{"key":"25_CR11","unstructured":"MITRE Corporation. MITRE ATT &CK navigator - matrix enterprise (2022). https:\/\/attack.mitre.org\/matrices\/enterprise\/. Accessed 08 Mar 2022"},{"key":"25_CR12","doi-asserted-by":"crossref","unstructured":"Goverman, J., Tekeoglu, A.: Stealthy data exfiltration via TCP sequence numbers based covert channel. In: 2021 International Conference on Computer Information and Telecommunication Systems, 1\u20135 Nov 2021. https:\/\/ieeexplore.ieee.org\/document\/9618137","DOI":"10.1109\/CITS52676.2021.9618137"},{"key":"25_CR13","unstructured":"Gregorik, I.: High performance browser networking HTTP\/2 (2013). https:\/\/hpbn.co\/http2\/. Accessed 13 Mar 2021"},{"key":"25_CR14","unstructured":"IETF HTTP Working Group. Http\/2 (2015). https:\/\/http2.github.io\/. Accessed 13 Mar 2022"},{"key":"25_CR15","doi-asserted-by":"crossref","unstructured":"AlKilani, H., Nasereddin, M., Hadi, A., Tedmori, S.: Data exfiltration techniques and data loss prevention system. In: 2019 International Arab Conference on Information Technology (ACIT) Information Technology (ACIT), pp. 124\u2013127 (2019)","DOI":"10.1109\/ACIT47987.2019.8991131"},{"key":"25_CR16","doi-asserted-by":"crossref","unstructured":"King, J., Bendiab, G., Savage, N., Shiaeles, S.: Data exfiltration: methods and detection countermeasures. In: 2021 IEEE International Conference on Cyber Security and Resilience (CSR) Cyber Security and Resilience (CSR), pp. 442\u2013447 (2021). https:\/\/ieeexplore.ieee.org\/stamp\/stamp.jsp?tp= &arnumber=9527962","DOI":"10.1109\/CSR51186.2021.9527962"},{"key":"25_CR17","unstructured":"Saryu N.: Why the dwell time of cyberattacks has not changed (2021). https:\/\/www.forbes.com\/sites\/forbestechcouncil\/2021\/05\/03\/why-the-dwell-time-of-cyberattacks-has-not-changed\/?sh=48b387a457d8. Accessed 06 Nov 2022"},{"key":"25_CR18","doi-asserted-by":"crossref","unstructured":"Mundt, M., Baier, H.: Towards mitigation of data exfiltration techniques using the MITRE ATT &CK framework. In: 12th EAI International Conference on Digital Forensics & Cyber Crime (EAI ICDF2C). https:\/\/compass.eai.eu\/events\/detail\/242\/eai-icdf2c-2021","DOI":"10.1007\/978-3-031-06365-7_9"},{"key":"25_CR19","unstructured":"European Parliament. Regulation (EU) 2016\/679 of the European parliament and of the council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing directive 95\/46\/EC (general data protection regulation) (2016). https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/PDF\/?uri=CELEX:32016R0679. Accessed 06 Mar 2022"},{"key":"25_CR20","unstructured":"Pope, N., Goodell, G.: Identification for accountability vs privacy (2022). https:\/\/arxiv.org\/ftp\/arxiv\/papers\/2201\/2201.06971.pdf. Accessed 01 Apr 2022"},{"key":"25_CR21","unstructured":"Mandiant Special Report. M-trends 2022 (2022). https:\/\/www.mandiant.com\/media\/15671. Accessed 06 Nov 2022"},{"key":"25_CR22","unstructured":"Salvi, M.V., Bapat, M.P.: Mode of data flow in the OSI model. IJIERT - Int. J. Innov. Eng. Res. Technol. 2(3), 1\u20137 (2015)"},{"key":"25_CR23","unstructured":"Statista. Median time period between intrusion, detection, and containment of industrial cyber attacks worldwide from 2014 to 2019 (2020). https:\/\/www.statista.com\/statistics\/221406\/time-between-initial-compromise-and-discovery-of-larger-organizations\/. Accessed 07 Mar 2021"},{"key":"25_CR24","unstructured":"Microsoft Support. Configure email forwarding in Microsoft 365 (2022). https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/admin\/email\/configure-email-forwarding?view=o365-worldwide. Accessed 11 Mar 2022"},{"key":"25_CR25","unstructured":"Microsoft Support. Use rules to automatically forward messages (2022). https:\/\/support.microsoft.com\/en-us\/office\/use-rules-to-automatically-forward-messages-45aa9664-4911-4f96-9663-ece42816d746. Accessed 11 Mar 2022"},{"key":"25_CR26","doi-asserted-by":"crossref","unstructured":"McIntosh, T., Kayes, A.S.M., Chen, Y.P.P., Ng, A., Watters, P.: Ransomware mitigation in the modern Era: a comprehensive review, research challenges, and future directions. ACM Comput. Surv. (CSUR). 54(9), 1\u201336. ACM, New York, NY (2021)","DOI":"10.1145\/3479393"},{"key":"25_CR27","doi-asserted-by":"publisher","unstructured":"Neubert, T., Vielhauer, C., Kraetzer, C.: Artificial steganographic network data generation concept and evaluation of detection approaches to secure industrial control systems against steganographic attacks. In: The 16th International Conference on Availability, Reliability and Security, pp. 1\u20139 (2021). https:\/\/doi.org\/10.1145\/3465481.3470073","DOI":"10.1145\/3465481.3470073"},{"key":"25_CR28","unstructured":"Gellert, R.: Understanding the notion of risk in the general data protection regulation (2016). https:\/\/www.sciencedirect.com\/science\/article\/abs\/pii\/S0267364917302698. Accessed 09 Apr 2022"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Digital Forensics and Cyber Crime"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-36574-4_25","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,7,15]],"date-time":"2023-07-15T13:04:47Z","timestamp":1689426287000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-36574-4_25"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031365737","9783031365744"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-36574-4_25","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"type":"print","value":"1867-8211"},{"type":"electronic","value":"1867-822X"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"16 July 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICDF2C","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Digital Forensics and Cyber Crime","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Boston, MA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 November 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 November 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icdf2c2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Confy plus","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"80","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"28","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"35% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}