Privacy-preserving data mining
SIGMOD '00 Proceedings of the 2000 ACM SIGMOD international conference on Management of data
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
A requires/provides model for computer attacks
Proceedings of the 2000 workshop on New security paradigms
On the design and performance of prefix-preserving IP traffic trace anonymization
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
Probabilistic Alert Correlation
RAID '00 Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection
Aggregation and Correlation of Intrusion-Detection Alerts
RAID '00 Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection
Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems
IHW '01 Proceedings of the 4th International Workshop on Information Hiding
From a Trickle to a Flood: Active Attacks on Several Mix Types
IH '02 Revised Papers from the 5th International Workshop on Information Hiding
Revealing information while preserving privacy
Proceedings of the twenty-second ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Limiting privacy breaches in privacy preserving data mining
Proceedings of the twenty-second ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Internet intrusions: global characteristics and prevalence
SIGMETRICS '03 Proceedings of the 2003 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Journal of Computer and System Sciences - Special issue on PODS 2000
On Effectiveness of Link Padding for Statistical Traffic Analysis Attacks
ICDCS '03 Proceedings of the 23rd International Conference on Distributed Computing Systems
A high-level programming environment for packet trace anonymization and transformation
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Sketch-based change detection: methods, evaluation, and applications
Proceedings of the 3rd ACM SIGCOMM conference on Internet measurement
Locality: a new paradigm for thinking about normal behavior and outsider threat
Proceedings of the 2003 workshop on New security paradigms
Structure preserving anonymization of router configuration data
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
More Netflow Tools for Performance and Security
LISA '04 Proceedings of the 18th USENIX conference on System administration
Low-Cost Traffic Analysis of Tor
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Remote Physical Device Fingerprinting
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Proceedings of the twenty-fourth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Practical privacy: the SuLQ framework
Proceedings of the twenty-fourth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Obfuscated databases and group privacy
Proceedings of the 12th ACM conference on Computer and communications security
Privacy-Preserving Alert Correlation: A Concept Hierarchy Based Approach
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
The devil and packet trace anonymization
ACM SIGCOMM Computer Communication Review
MisleadingWorm Signature Generators Using Deliberate Noise Injection
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Privacy-preserving sharing and correction of security alerts
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Mapping internet sensors with probe response attacks
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Experience with an object reputation system for peer-to-peer filesharing
NSDI'06 Proceedings of the 3rd conference on Networked Systems Design & Implementation - Volume 3
Low latency anonymity with mix rings
ISC'06 Proceedings of the 9th international conference on Information Security
Toward privacy in public databases
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Allergy attack against automatic signature generation
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
Paragraph: thwarting signature learning by training maliciously
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
Privacy-Enabled Global Threat Monitoring
IEEE Security and Privacy
A taxonomy and adversarial model for attacks against network log anonymization
Proceedings of the 2009 ACM symposium on Applied Computing
Dartmouth internet security testbed (DIST: building a campus-wide wireless testbed
CSET'09 Proceedings of the 2nd conference on Cyber security experimentation and test
Dartmouth internet security testbed (DIST: building a campus-wide wireless testbed
CSET'09 Proceedings of the 2nd conference on Cyber security experimentation and test
Relationships and data sanitization: a study in scarlet
Proceedings of the 2010 workshop on New security paradigms
Privacy-preserving pattern matching for anomaly detection in RFID anti-counterfeiting
RFIDSec'10 Proceedings of the 6th international conference on Radio frequency identification: security and privacy issues
CollSec'10 Proceedings of the 2010 international conference on Collaborative methods for security and privacy
SEPIA: privacy-preserving aggregation of multi-domain network events and statistics
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Hi-index | 0.00 |
Over the last several years, there has been an emerging interest in the development of wide-area data collection and analysis centers to help identify, track, and formulate responses to the ever-growing number of coordinated attacks and malware infections that plague computer networks worldwide. As large-scale network threats continue to evolve in sophistication and extend to widely deployed applications, we expect that interest in collaborative security monitoring infrastructures will continue to grow, because such attacks may not be easily diagnosed from a single point in the network. The intent of this position paper is not to argue the necessity of Internet-scale security data sharing infrastructures, as there is ample research [13, 48, 51, 54, 41, 47, 42] and operational examples [43, 17, 32, 53] that already make this case. Instead, we observe that these well-intended activities raise a unique set of risks and challenges. We outline some of the most salient issues faced by global network security centers, survey proposed defense mechanisms, and pose several research challenges to the computer security community. We hope that this position paper will serve as a stimulus to spur groundbreaking new research in protection and analysis technologies that can facilitate the collaborative sharing of network security data while keeping data contributors safe and secure.