The process of embedding covert capabilities in information, systems, or system components to allow organizations to be alerted to the exfiltration of information.
Sources:
NIST SP 800-172