Recent trends in Internet computing have led to the popularization of many forms of virtual organizations. Examples include supply chain management, grid computing, and collaborative research environments like PlanetLab. Unfortunately, when it comes to the security analysis of these systems, the whole is certainly greater than the sum of its parts. That is, local intrusion detection and audit practices are insufficient for detecting distributed attacks such as coordinated network reconnaissance, stepping-stone attacks, and violations of application-level trust constraints between security domains. A distributed process that coordinates information from each member could detect these types of violations, but privacy concerns between member organizations or safety concerns about centralizing sensitive information often restrict this level of information flow. In this paper, we propose a privacy-preserving framework for distributed audit that allows member organizations to detect distributed attacks without requiring the release of excessive private information. We discuss both the architecture and mechanisms used in our approach and comment on the performance of a prototype implementation.