Many businesses have adopted the use of remote services such as Internet-based backup, storage, and computing services as a way to fulfil their growing need for computing resources. As the use of remote and online services has increased, certain security risks have become a growing concern. One problem of particular concern is data exfiltration. Data exfiltration is the unauthorized transfer of data from a computer system, network, or secure domain. Conventional data exfiltration detection systems often detect and limit the unauthorized transfer of data. Some data exfiltration detection systems accomplish this by detecting when a large amount of data is transmitted from within a client's internal network, to an unknown or abnormal destination outside the client's internal network. For example, a data exfiltration detection system can raise an alarm as a result of detecting 2 TB of data sent off to an Internet-based file sharing site, even if the data is encrypted in transit. The combination of a high data volume and the use of an unknown/abnormal destination triggers the alarm.