Systems and methods for data loss prevention of unidentifiable and unsupported object types
摘要
說明書
Monitoring module 104 may monitor data input to the application in a variety of ways. For example, monitoring module 104 may monitor data input to the application through one or more of (1) network filter 242 that filters network packets received by the application during execution, (2) file system filter 244 that filters file access requests from the application to a file system, (3) operating system clipboard filter 240 that filters data pasted into the application during execution, and (4) inter-process 246 filter that filters data received into the application from other applications. Network filter 242 may monitor metadata and/or network packet payloads (e.g., underlying content) for sensitive data. File system filter 244 may monitor file access requests (e.g., read, write, copy, delete, and/or create commands, etc.) for sensitive data. Similarly, clipboard filter 240 may monitor cut commands, copy commands, and/or paste commands for sensitive data. Additionally, inter-process filter 246 may correspond to an inter-process communication filter. Inter-process filter 246 may monitor data objects transmitted between applications through an operating system inter-process communication sharing or transmission mechanism. Monitoring module 104 may also monitor user input or peripheral device input, such as keyboard, mouse, voice or Dictaphone, still camera, video camera, web-cam, and/or other input for scanning by scanning module 106.
