| CPC G06F 21/6218 (2013.01) [H04L 63/0245 (2013.01)] | 19 Claims |
|
1. A method performed by one or more computing resources, comprising:
with the one or more computing resources, scanning an outbound electronic mail message for patterns associated with sensitive content;
further processing the outbound electronic mail message with a neural network model running on the one or more computing resources and trained to yield a probability that the outbound electronic mail message contains sensitive content based on contextual information relating to the outbound electronic mail message, wherein:
the neural network model is trained, at least in part, using a training set comprising at least one training electronic mail message consisting of non-sensitive text of at least one sensitive mail message that exfiltrated at least one item of sensitive content, the non-sensitive text comprising text of the at least one sensitive mail message with an entirety of the at least one item of sensitive content removed to determine whether the non-sensitive text contains patterns indicative of containing sensitive content; and
the training set includes a specified number of electronic mail messages that were sent immediately before an exfiltration event; and
taking, responsive to the scanning locating one or more patterns associated with sensitive content or the probability that the outbound electronic mail message contains sensitive content exceeding a first threshold, a first remedial action regarding the outbound electronic mail message.
|