How to construct random functions
Journal of the ACM (JACM)
Communications of the ACM
Intercepting mobile communications: the insecurity of 802.11
Proceedings of the 7th annual international conference on Mobile computing and networking
New directions in traffic measurement and accounting
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Efficient implementation of a statistics counter architecture
SIGMETRICS '03 Proceedings of the 2003 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Practical Techniques for Searches on Encrypted Data
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
The devil and packet trace anonymization
ACM SIGCOMM Computer Communication Review
An improved construction for counting bloom filters
ESA'06 Proceedings of the 14th conference on Annual European Symposium - Volume 14
Legal issues surrounding monitoring during network research
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Privacy/Analysis Tradeoffs in Sharing Anonymized Packet Traces: Single-Field Case
ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
Fingerprinting websites using traffic analysis
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Privacy vulnerabilities in encrypted HTTP streams
PET'05 Proceedings of the 5th international conference on Privacy Enhancing Technologies
Key escrow schemes with sliding window for privacy-aware anomaly detection system
Proceedings of the 2010 EDBT/ICDT Workshops
LISA'10 Proceedings of the 24th international conference on Large installation system administration
Secret-sharing hardware improves the privacy of network monitoring
DPM'10/SETOP'10 Proceedings of the 5th international Workshop on data privacy management, and 3rd international conference on Autonomous spontaneous security
| Hi-index | 0.00 |
The enormous amount of traffic data gathered by network monitoring systems poses a serious threat on the privacy of the network customers. To face this issue, this paper promotes a new approach to privacy-preserving network monitoring. With concrete reference to a simplified anomaly detection scenario, we show how a monitoring application can be decomposed in two parts running in different components. A front-end stage is devised to capture raw (unprotected) packets and process them "on-the-fly" through performance/memory efficient data structures, and specifically Counting Bloom Filters. Captured packets are then cryptographically protected and delivered to a back-end stage along with suitably designed cryptographic material determined by the output of the counting filter. The system is conceived to technically restrict decryption only to data packets which are classified as belonging to a flow for which an anomalous behavior is suspected. The remaining traffic is by construction guaranteed that no further data processing nor, to some extent, statistical analysis may occur in the system back-end. Although the anomaly detection application used as operative reference throughout this work is somewhat simplified with respect to real-world approaches, the resulting problem is significantly more complex than traditional pattern searching techniques over encrypted data. Hence, albeit preliminary and with room for improvements, we believe that our proposed approach suggests new promising research directions in privacy-preserving network monitoring.