TY - GEN
T1 - A privacy-preserving interdomain audit framework
AU - Lee, Adam J.
AU - Tabriz, Parisa
AU - Borisov, Nikita
N1 - Copyright:
Copyright 2013 Elsevier B.V., All rights reserved.
PY - 2006
Y1 - 2006
N2 - Recent trends in Internet computing have led to the popularization of many forms of virtual organizations. Examples include supply chain management, grid computing, and collaborative research environments like PlanetLab. Unfortunately, when it comes to the security analysis of these systems, the whole is certainly greater than the sum of its parts. That is, local intrusion detection and audit practices are insufficient for detecting distributed attacks such as coordinated network reconnaissance, stepping-stone attacks, and violations of application-level trust constraints between security domains. A distributed process that coordinates information from each member could detect these types of violations, but privacy concerns between member organizations or safety concerns about centralizing sensitive information often restrict this level of information flow. In this paper, we propose a privacy-preserving framework for distributed audit that allows member organizations to detect distributed attacks without requiring the release of excessive private information. We discuss both the architecture and mechanisms used in our approach and comment on the performance of a prototype implementation.
AB - Recent trends in Internet computing have led to the popularization of many forms of virtual organizations. Examples include supply chain management, grid computing, and collaborative research environments like PlanetLab. Unfortunately, when it comes to the security analysis of these systems, the whole is certainly greater than the sum of its parts. That is, local intrusion detection and audit practices are insufficient for detecting distributed attacks such as coordinated network reconnaissance, stepping-stone attacks, and violations of application-level trust constraints between security domains. A distributed process that coordinates information from each member could detect these types of violations, but privacy concerns between member organizations or safety concerns about centralizing sensitive information often restrict this level of information flow. In this paper, we propose a privacy-preserving framework for distributed audit that allows member organizations to detect distributed attacks without requiring the release of excessive private information. We discuss both the architecture and mechanisms used in our approach and comment on the performance of a prototype implementation.
KW - data obfuscation
KW - distributed audit
KW - logging
UR - http://www.scopus.com/inward/record.url?scp=84885226697&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84885226697&partnerID=8YFLogxK
U2 - 10.1145/1179601.1179620
DO - 10.1145/1179601.1179620
M3 - Conference contribution
AN - SCOPUS:84885226697
SN - 1595935568
SN - 9781595935564
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 99
EP - 108
BT - Proceedings of the 5th ACM Workshop on Privacy in Electronic Society, WPES 2006, Co-located with the 13th ACM Conference on Computer and Communications Security, CCS 2006
T2 - 5th ACM Workshop on Privacy in Electronic Society, WPES 2006, Co-located with the 13th ACM Conference on Computer and Communications Security, CCS 2006
Y2 - 30 October 2006 through 30 October 2006
ER -