CRYPTO '88 Proceedings on Advances in cryptology
The intrusion detection system AID—architecture, and experiences in automated audit analysis
Proceedings of the IFIP TC6/TC11 international conference on Communications and multimedia security II
Pseudonymous audit for privacy enhanced intrusion detection
SEC'97 Proceedings of the IFIP TC11 13 international conference on Information Security (SEC '97) on Information security in research and business
Anonymous authentication with subset queries (extended abstract)
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
Anomaly-based intrusion detection: privacy concerns and other problems
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Transaction-Based Pseudonyms in Audit Data for Privacy Respecting Intrusion Detection
RAID '00 Proceedings of the Third International Workshop on Recent Advances in Intrusion Detection
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
On Privacy Issues of Internet Access Services via Proxy Servers
Proceedings of the International Exhibition and Congress on Secure Networking - CQRE (Secure) '99
InfraSec '02 Proceedings of the International Conference on Infrastructure Security
Managing university internet access: balancing the need for security, privacy and digital evidence
Journal in Computer Virology
Non-expanding transaction specific pseudonymization for IP traffic monitoring
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
PET'05 Proceedings of the 5th international conference on Privacy Enhancing Technologies
Hi-index | 0.00 |
In multilaterally secure intrusion detection systems (IDS) anonymity and accountability are potentially conflicting requirements. Since IDS rely on audit data to detect violations of security policy, we can balance above requirements by pseudonymization of audit data, as a form of reversible anonymization. We discuss previous work in this area and underlying trust models. Instead of relying on mechanisms external to the system, or under the control of potential adversaries, in our proposal we technically bind reidentification to a threshold, representing the legal purpose of accountability in the presence of policy violations. Also, we contrast our notion of threshold-based identity recovery with previous approaches and point out open problems.