Organizations must protect their information systems from a variety of threats. Usually they employ isolated defenses such as firewalls, intrusion detection systems and fraud monitoring systems, without cooperating with the external world. Organizations belonging to the same markets (e.g., financial organizations, telco providers) typically suffer from the same cyber crimes. Sharing and correlating information could help them detect those crimes early and mitigate the damage. The paper discusses the Semantic Room (SR) abstraction, which enables the development of collaborative event-based platforms, on top of the Internet, where data from different information systems are shared in a controlled manner and correlated to detect, and react in a timely manner to, coordinated Internet-based security threats (e.g., port scans, botnets) and frauds. To show the flexibility of the abstraction, the paper proposes the design, implementation and validation of two SRs: an SR that detects inter-domain port scan attacks and an SR that enables online fraud monitoring over the Italian territory. In both cases, the SRs use real data traces to demonstrate the effectiveness of the proposed approach. In the first SR, high detection accuracy and small detection delays are achieved, whereas in the second, new fraud evidence and investigation instruments are provided to law enforcement agencies.