@inproceedings{c069136efdca47a88746892450124e7a,
title = "Evaluating the utility of anonymized network traces for intrusion detection",
abstract = "To intelligently create policies governing the anonymization of network logs, one must analyze the effects of anonymiza-tion on both the security and utility of sanitized data. In this paper, we focus on analyzing the utility of network traces post-anonymization. Any measure of utility is subjective to the type of analysis being performed. This work focuses on utility for the task of attack detection since attack detection is an important part of an incident responders daily responsibilities. We employ a methodology we developed that analyzes the effect of anonymization on Intrusion Detection Systems (IDS), and we provide the first rigorous analysis of single field anonymization on IDS effectiveness. Through this work we can begin to answer the questions of whether the field affects anonymization more than the algorithm; which fields have a larger impact on utility; and which anonymization algorithms have a larger impact on utility.",
keywords = "Anonymization, Data sanitization, FLAIM, Intrusion detection, Metrics",
author = "Kiran Lakkaraju and Adam Slagell",
year = "2008",
doi = "10.1145/1460877.1460899",
language = "English (US)",
isbn = "9781605582412",
series = "Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, SecureComm'08",
booktitle = "Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, SecureComm'08",
note = "4th International Conference on Security and Privacy in Communication Networks, SecureComm'08 ; Conference date: 22-09-2008 Through 25-09-2008",
}