Crowds: anonymity for Web transactions
ACM Transactions on Information and System Security (TISSEC)
A method to compress and anonymize packet traces
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
On the design and performance of prefix-preserving IP traffic trace anonymization
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
Code red worm propagation modeling and analysis
Proceedings of the 9th ACM conference on Computer and communications security
A reputation-based approach for choosing reliable resources in peer-to-peer networks
Proceedings of the 9th ACM conference on Computer and communications security
Code-Red: a case study on the spread and victims of an internet worm
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Probabilistic Alert Correlation
RAID '00 Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection
Aggregation and Correlation of Intrusion-Detection Alerts
RAID '00 Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection
Proactive Secret Sharing Or: How to Cope With Perpetual Leakage
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Keying Hash Functions for Message Authentication
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
How to Own the Internet in Your Spare Time
Proceedings of the 11th USENIX Security Symposium
Tools for privacy preserving distributed data mining
ACM SIGKDD Explorations Newsletter
A high-level programming environment for packet trace anonymization and transformation
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Information sharing across private databases
Proceedings of the 2003 ACM SIGMOD international conference on Management of data
Anonymous Connections and Onion Routing
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Practical Techniques for Searches on Encrypted Data
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
IEEE Security and Privacy
Inferring internet denial-of-service activity
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Data Obfuscation: Anonymity and Desensitization of Usable Data Sets
IEEE Security and Privacy
Privacy-preserving payload-based correlation for accurate malicious traffic detection
Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
A privacy-preserving interdomain audit framework
Proceedings of the 5th ACM workshop on Privacy in electronic society
Privacy-Enabled Global Threat Monitoring
IEEE Security and Privacy
Collaborating against common enemies
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
Mapping internet sensors with probe response attacks
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
NSPW '06 Proceedings of the 2006 workshop on New security paradigms
Large-scale collection and sanitization of network security data: risks and challenges
NSPW '06 Proceedings of the 2006 workshop on New security paradigms
Probabilistic analysis of onion routing in a black-box model
Proceedings of the 2007 ACM workshop on Privacy in electronic society
Distance-preserving pseudonymization for timestamps and spatial data
Proceedings of the 2007 ACM workshop on Privacy in electronic society
Security against probe-response attacks in collaborative intrusion detection
Proceedings of the 2007 workshop on Large scale attack defense
Evaluating the utility of anonymized network traces for intrusion detection
Proceedings of the 4th international conference on Security and privacy in communication netowrks
A taxonomy and adversarial model for attacks against network log anonymization
Proceedings of the 2009 ACM symposium on Applied Computing
Trustworthy Log Reconciliation for Distributed Virtual Organisations
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Cooperation enablement for centralistic early warning systems
Proceedings of the 2010 ACM Symposium on Applied Computing
Privacy-preserving pattern matching for anomaly detection in RFID anti-counterfeiting
RFIDSec'10 Proceedings of the 6th international conference on Radio frequency identification: security and privacy issues
CollSec'10 Proceedings of the 2010 international conference on Collaborative methods for security and privacy
SEPIA: privacy-preserving aggregation of multi-domain network events and statistics
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Privacy-preserving distributed network troubleshooting—bridging the gap between theory and practice
ACM Transactions on Information and System Security (TISSEC)
Privacy-preserving outsourcing of brute-force key searches
Proceedings of the 3rd ACM workshop on Cloud computing security workshop
Requirements of information reductions for cooperating intrusion detection agents
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
Countering identity theft through digital uniqueness, location cross-checking, and funneling
FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security
Anonymity and privacy in distributed early warning systems
CRITIS'10 Proceedings of the 5th international conference on Critical Information Infrastructures Security
An orchestration approach for unwanted Internet traffic identification
Computer Networks: The International Journal of Computer and Telecommunications Networking
Practical private information aggregation in large networks
NordSec'10 Proceedings of the 15th Nordic conference on Information Security Technology for Applications
Probabilistic analysis of onion routing in a black-box model
ACM Transactions on Information and System Security (TISSEC)
Towards automatic assembly of privacy-preserved intrusion signatures
TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
A move in the security measurement stalemate: elo-style ratings to quantify vulnerability
Proceedings of the 2012 workshop on New security paradigms
| Hi-index | 0.00 |
We present a practical scheme for Internet-scale collaborative analysis of information security threats which provides strong privacy guarantees to contributors of alerts. Wide-area analysis centers are proving a valuable early warning service against worms, viruses, and other malicious activities. At the same time, protecting individual and organizational privacy is no longer optional in today's business climate. We propose a set of data sanitization techniques and correlation, while maintaining privacy for alert contributors. Our approach is practical, scalable, does not rely on trusted third parties or secure multiparty computation schemes, and does not require sophisticated schemes, and does not require sophisticated key management.