ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
Privacy-Preserving Alert Correlation: A Concept Hierarchy Based Approach
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
A privacy-preserving interdomain audit framework
Proceedings of the 5th ACM workshop on Privacy in electronic society
Privacy-preserving sharing and correction of security alerts
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Toward Automated Dynamic Malware Analysis Using CWSandbox
IEEE Security and Privacy
FLAIM: a multi-level anonymization framework for computer and network logs
LISA '06 Proceedings of the 20th conference on Large Installation System Administration
Distance-preserving pseudonymization for timestamps and spatial data
Proceedings of the 2007 ACM workshop on Privacy in electronic society
Towards early warning systems: challenges, technologies and architecture
CRITIS'09 Proceedings of the 4th international conference on Critical information infrastructures security
Intelligent network-based early warning systems
CRITIS'06 Proceedings of the First international conference on Critical Information Infrastructures Security
Requirements of information reductions for cooperating intrusion detection agents
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
The nepenthes platform: an efficient approach to collect malware
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
Hi-index | 0.00 |
From large-scale acquisition of information on security incidents by early warning systems (EWS) arises the opportunity to draw up a situation picture that allows detection of trends and upcoming threats. While the need for integrating such information is widely accepted, there typically exist reservations concerning the distribution of information allowing outsiders insights into security incidents of individual organizations. These reservations so far prohibit the deployment of EWS in practice. In order to make EWS practical we study the conflicting interests of all involved parties regarding information processed by the EWS, and propose a resolution of the conflict based on information reduction by pseudonymization. We develop a fair balanced trade-off respecting most interests of parties as well as privacy of involved persons and propose privacy mechanisms to be applied to respective information. An implementation of the privacy mechanisms is experimentally evaluated to demonstrate the practicality of our approach.