{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T17:10:06Z","timestamp":1755882606389,"version":"3.44.0"},"publisher-location":"New York, NY, USA","reference-count":37,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,7,30]],"date-time":"2024-07-30T00:00:00Z","timestamp":1722297600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,7,30]]},"DOI":"10.1145\/3664476.3664483","type":"proceedings-article","created":{"date-parts":[[2024,7,25]],"date-time":"2024-07-25T12:35:50Z","timestamp":1721910950000},"page":"1-12","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Towards Reducing Business-Risk of Data Theft Implementing Automated Simulation Procedures of Evil Data Exfiltration"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5789-8558","authenticated-orcid":false,"given":"Michael","family":"Mundt","sequence":"first","affiliation":[{"name":"Esri Deutschland GmbH, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9254-6398","authenticated-orcid":false,"given":"Harald","family":"Baier","sequence":"additional","affiliation":[{"name":"Universit\u00e4t der Bundeswehr M\u00fcnchen, Research Instiute CODE, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-5746-1842","authenticated-orcid":false,"given":"Antje","family":"Raab-D\u00fcsterh\u00f6ft","sequence":"additional","affiliation":[{"name":"Hochschule Wismar, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,7,30]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Retrieved","author":"Rapid","year":"2023","unstructured":"Rapid 7. 2023. Dig Deeper into your organization\u2019s endpoints - Velociraptor. Retrieved December 17, 2023 from https:\/\/www.rapid7.com\/products\/velociraptor\/"},{"key":"e_1_3_2_1_2_1","volume-title":"Retrieved","author":"Rapid","year":"2023","unstructured":"Rapid 7. 2023. Velociraptor - Documentation. Retrieved December 17, 2023 from https:\/\/docs.velociraptor.app\/docs\/"},{"key":"e_1_3_2_1_3_1","volume-title":"Retrieved","author":"MITRE Corporation","year":"2022","unstructured":"MITRE Corporation. 2022. MITRE Caldera - A scalable, automated adversary emulation platform. Retrieved December 21, 2023 from https:\/\/caldera.mitre.org\/"},{"key":"e_1_3_2_1_4_1","volume-title":"Retrieved","author":"MITRE Corporation","year":"2022","unstructured":"MITRE Corporation. 2022. MITRE Caldera Documentation. Retrieved December 21, 2023 from https:\/\/caldera.readthedocs.io\/en\/latest\/"},{"key":"e_1_3_2_1_5_1","volume-title":"MITRE Advanced Tactics, Techniques and Common Knowledge Framework (ATT&CK). Retrieved","author":"MITRE Corporation","year":"2024","unstructured":"MITRE Corporation. 2023. MITRE Advanced Tactics, Techniques and Common Knowledge Framework (ATT&CK). Retrieved January 3, 2024 from https:\/\/attack.mitre.org\/"},{"key":"e_1_3_2_1_6_1","volume-title":"Retrieved","author":"MITRE Corporation","year":"2023","unstructured":"MITRE Corporation. 2023. Sandworm Team. Retrieved January 13, 2024 from https:\/\/attack.mitre.org\/groups\/G0034\/"},{"key":"e_1_3_2_1_7_1","volume-title":"T 1029: Scheduled Transfer. Retrieved","author":"MITRE Corporation","year":"2024","unstructured":"MITRE Corporation. 2023. T 1029: Scheduled Transfer. Retrieved January 4, 2024 from https:\/\/attack.mitre.org\/techniques\/T1029\/"},{"key":"e_1_3_2_1_8_1","volume-title":"T 1030: Data Transfer Size Limits. Retrieved","author":"MITRE Corporation","year":"2024","unstructured":"MITRE Corporation. 2023. T 1030: Data Transfer Size Limits. Retrieved January 4, 2024 from https:\/\/attack.mitre.org\/techniques\/T1030\/"},{"key":"e_1_3_2_1_9_1","volume-title":"T 1074: Data Staged. Retrieved","author":"MITRE Corporation","year":"2024","unstructured":"MITRE Corporation. 2023. T 1074: Data Staged. Retrieved January 6, 2024 from https:\/\/attack.mitre.org\/techniques\/T1074\/"},{"key":"e_1_3_2_1_10_1","volume-title":"T 1083: File and Directory Discovery. Retrieved","author":"MITRE Corporation","year":"2024","unstructured":"MITRE Corporation. 2023. T 1083: File and Directory Discovery. Retrieved January 6, 2024 from https:\/\/attack.mitre.org\/techniques\/T1083\/"},{"key":"e_1_3_2_1_11_1","volume-title":"T 1537: Transfer Data to Cloud Account. Retrieved","author":"MITRE Corporation","year":"2024","unstructured":"MITRE Corporation. 2023. T 1537: Transfer Data to Cloud Account. Retrieved January 4, 2024 from https:\/\/attack.mitre.org\/techniques\/T1537\/"},{"key":"e_1_3_2_1_12_1","volume-title":"T 1560: Archive Collected Data. Retrieved","author":"MITRE Corporation","year":"2024","unstructured":"MITRE Corporation. 2023. T 1560: Archive Collected Data. Retrieved January 6, 2024 from https:\/\/attack.mitre.org\/techniques\/T1560\/"},{"key":"e_1_3_2_1_13_1","volume-title":"Retrieved","author":"MITRE Corporation","year":"2024","unstructured":"MITRE Corporation. 2024. DEFEND (beta) - A knowledge graph of cybersecurity countermeasures. Retrieved January 26, 2024 from https:\/\/d3fend.mitre.org\/"},{"key":"e_1_3_2_1_14_1","volume-title":"Retrieved","author":"David\u00a0SooHoo Security\u00a0Magazin","year":"2024","unstructured":"Security\u00a0Magazin David\u00a0SooHoo. 2024. Why cybersecurity teams need the attacker\u2019s perspective. Retrieved February 23, 2024 from https:\/\/www.securitymagazine.com\/articles\/98736-why-cybersecurity-teams-need-the-attackers-perspective"},{"key":"e_1_3_2_1_15_1","unstructured":"Federal\u00a0Office for Information\u00a0Security. 2024. IT-Grundschutz - A systematic basis for information security. https:\/\/www.bsi.bund.de\/EN\/Themen\/Unternehmen-und-Organisationen\/Standards-und-Zertifizierung\/IT-Grundschutz\/it-grundschutz_node.html"},{"key":"e_1_3_2_1_16_1","volume-title":"Retrieved","author":"International\u00a0Organization for Standardization.","year":"2022","unstructured":"International\u00a0Organization for Standardization. 2022. ISO\/IEC 27001:2022 Information security, cybersecurity and privacy protection \u2014 Information security management systems \u2014 Requirements. Retrieved January 18, 2024 from https:\/\/www.iso.org\/standard\/82875.html"},{"key":"e_1_3_2_1_17_1","volume-title":"Retrieved","author":"Foundation Wireshark","year":"2023","unstructured":"Wireshark Foundation. 2023. Wireshark - The world\u2019s most popular network protocol analyzer. Retrieved January 15, 2024 from https:\/\/www.wireshark.org\/"},{"volume-title":"Gartner Top 10 Strategic Technology Trends for","year":"2024","key":"e_1_3_2_1_18_1","unstructured":"Gartner. 2023. Gartner Top 10 Strategic Technology Trends for 2024. Retrieved January 2, 2024 from https:\/\/www.gartner.com\/en\/articles\/gartner-top-10-strategic-technology-trends-for-2024"},{"volume-title":"GitHub - Discover Gists. Retrieved","year":"2024","key":"e_1_3_2_1_19_1","unstructured":"GitHub. 2023. GitHub - Discover Gists. Retrieved January 4, 2024 from https:\/\/gist.github.com\/"},{"volume-title":"GitHub - Let\u2019s build from here. Retrieved","year":"2024","key":"e_1_3_2_1_20_1","unstructured":"GitHub. 2023. GitHub - Let\u2019s build from here. Retrieved January 4, 2024 from https:\/\/github.com\/"},{"key":"e_1_3_2_1_21_1","volume-title":"Retrieved","author":"Harrell Brent","year":"2021","unstructured":"Brent Harrell. 2021. Stockpile payload for advanced searching and Staging (shellscript). Retrieved December 28, 2023 from https:\/\/github.com\/mitre\/stockpile\/blob\/master\/payloads\/file_search.sh"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.5121\/ijci.2023.120505"},{"key":"e_1_3_2_1_23_1","article-title":"Enhancing Incident Management by an improved Understanding of Data Exfiltration - Definition, Evaluation","author":"Mundt Michael","year":"2023","unstructured":"Michael Mundt and Harald Baier. 2023. Enhancing Incident Management by an improved Understanding of Data Exfiltration - Definition, Evaluation, Review. Retrieved December 2, 2023 from https:\/\/icdf2c.eaiconferences.org\/2023\/accepted-papers","journal-title":"Review. Retrieved"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-26845-8"},{"key":"e_1_3_2_1_25_1","volume-title":"Retrieved","author":"\u00a0community","year":"2024","unstructured":"neo4j\u00a0community forum. 2024. neo4j Docs. Retrieved February 15, 2024 from https:\/\/neo4j.com\/docs\/graph-data-science\/current\/algorithms\/degree-centrality\/"},{"key":"e_1_3_2_1_26_1","volume-title":"Retrieved","author":"Open Information","year":"2024","unstructured":"Open Information Security\u00a0Foundation (OISF). 2024. SURICATA - Oberserve.Protect.Adapt. Retrieved January 12, 2024 from https:\/\/suricata.io\/"},{"key":"e_1_3_2_1_27_1","volume-title":"Retrieved","author":"Open\u00a0Source Project Public","year":"2024","unstructured":"Public Open\u00a0Source Project. 2024. curl. Retrieved January 11, 2024 from https:\/\/github.com\/curl\/curl"},{"key":"e_1_3_2_1_28_1","volume-title":"Retrieved","author":"Resources GitHub","year":"2024","unstructured":"GitHub Resources. 2024. CI\/CD: The what, why, and how. Retrieved January 12, 2024 from https:\/\/resources.github.com\/ci-cd\/"},{"key":"e_1_3_2_1_29_1","article-title":"Machine Learning for Detecting Data Exfiltration","author":"Sabir Bushra","year":"2021","unstructured":"Bushra Sabir, Faheem Ullah, M.\u00a0Ali Babar, and Raj Gaire. 2021. Machine Learning for Detecting Data Exfiltration: A Review. Retrieved December 17, 2023 from https:\/\/dl.acm.org\/doi\/abs\/10.1145\/3442181","journal-title":"A Review. Retrieved"},{"key":"e_1_3_2_1_30_1","volume-title":"Retrieved","author":"Takeuchi Kazuya","year":"2023","unstructured":"Kazuya Takeuchi, Takako Kumamoto, Yunko Yoshida, and Himari Fujima. 2023. Decentralized Identity Verification System for Data Access to Prevent Data Exfiltration Ransomware. Retrieved December 19, 2023 from https:\/\/d197for5662m48.cloudfront.net\/documents\/publicationstatus\/180983\/preprint_pdf\/ef0f51a9563ff0a2094f7a849d4449be.pdf"},{"volume-title":"Data Exfiltration Threats and Prevention Techniques: Machine Learning and Memory\u2010Based Data Security","author":"Tari Zahir","key":"e_1_3_2_1_31_1","unstructured":"Zahir Tari, Nasrin Sohrabi, Yasaman Samadi, and Jakapan Suaboot. 2023. Data Exfiltration Threats and Prevention Techniques: Machine Learning and Memory\u2010Based Data Security. IEE Press Wiley, 111 River Street, Hoboken, NJ 07030, USA. Retrieved December 15, 2023 from https:\/\/onlinelibrary.wiley.com\/doi\/book\/10.1002\/9781119898900"},{"volume-title":"Simulation and Wargaming","author":"Turnitsa Charles","key":"e_1_3_2_1_32_1","unstructured":"Charles Turnitsa, Curtis Blais, and Andreas Tolk. 2022. Simulation and Wargaming. IEEE Press Wiley, 111 River Street, Hoboken, NJ 07030, USA. Retrieved December 15, 2023 from https:\/\/onlinelibrary.wiley.com\/doi\/epub\/10.1002\/9781119604815"},{"volume-title":"Retrieved","year":"2023","key":"e_1_3_2_1_33_1","unstructured":"Wazuh. 2023. Wazuh - documentation. Retrieved December 21, 2023 from https:\/\/documentation.wazuh.com\/current\/index.html"},{"volume-title":"Retrieved","year":"2023","key":"e_1_3_2_1_34_1","unstructured":"Wazuh. 2023. Wazuh - the open source security platform. Retrieved December 17, 2023 from https:\/\/wazuh.com\/"},{"volume-title":"Retrieved","year":"2024","key":"e_1_3_2_1_35_1","unstructured":"Wazuh. 2024. Network IDS Integration. Retrieved January 12, 2024 from https:\/\/documentation.wazuh.com\/current\/proof-of-concept-guide\/integrate-network-ids-suricata.html"},{"volume-title":"Retrieved","year":"2022","key":"e_1_3_2_1_36_1","unstructured":"Abuse|ch Wazuh. 2022. Detecting malicious URLs using Wazuh and URLhaus. Retrieved January 12, 2024 from https:\/\/wazuh.com\/blog\/detecting-malicious-urls-using-wazuh-and-urlhaus\/"},{"key":"e_1_3_2_1_37_1","first-page":"00898","volume-title":"Retrieved","author":"Xiong Wenjun","year":"2021","unstructured":"Wenjun Xiong, Emeline Legrand, Oscar \u00c5berg, and Robert Lagerstr\u00f6m. 2021. Cyber security threat modeling based on the MITRE Enterprise ATT&CK Matrix. Retrieved December 14, 2023 from https:\/\/link.springer.com\/article\/10.1007\/s10270-021-00898-7"}],"event":{"name":"ARES 2024: The 19th International Conference on Availability, Reliability and Security","acronym":"ARES 2024","location":"Vienna Austria"},"container-title":["Proceedings of the 19th International Conference on Availability, Reliability and Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3664476.3664483","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3664476.3664483","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T16:56:08Z","timestamp":1755881768000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3664476.3664483"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,7,30]]},"references-count":37,"alternative-id":["10.1145\/3664476.3664483","10.1145\/3664476"],"URL":"https:\/\/doi.org\/10.1145\/3664476.3664483","relation":{},"subject":[],"published":{"date-parts":[[2024,7,30]]},"assertion":[{"value":"2024-07-30","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}