Features for Building a Data Loss Prevention (DLP) System

Target’s infamous breach marked one of the most influential cyber attacks of all times when some 40 million credit card numbers were stolen and sold in the darknet (fall 2013). To perform such an attack, a control and command (C&C or C2) server was placed outside the corporate network to control corporate computers.
In this talk, I'll describe details of modern covert communication channels established for malicious intentions, and describe two algorithms for a Data Loss Prevention (DLP) system.