Title :
Privacy/Analysis Tradeoffs in Sharing Anonymized Packet Traces: Single-Field Case
Author :
Yurcik, William ; Woolam, Clay ; Hellings, Greg ; Khan, Latifur ; Thuraisingham, Bhavani
Author_Institution :
Univ. of Texas at Dallas, Dallas, TX
Abstract :
Network data needs to be shared for distributed security analysis. Anonymization of network data for sharing sets up a fundamental tradeoff between privacy protection versus security analysis capability. This privacy/analysis tradeoff has been acknowledged by many researchers but this is the first paper to provide empirical measurements to characterize the privacy/analysis tradeoff for an enterprise dataset. Specifically we perform anonymization options on single-fields within network packet traces and then make measurements using intrusion detection system alarms as a proxy for security analysis capability. Our results show: (1) two fields have a zero sum tradeoff (more privacy lessens security analysis and vice versa) and (2) eight fields have a more complex tradeoff (that is not zero sum) in which both privacy and analysis can both be simultaneously accomplished.
Keywords :
data privacy; security of data; anonymized packet traces; distributed security analysis; intrusion detection system alarms; network data; privacy protection; security analysis capability; Access control; Automation; Collaboration; Data privacy; Data security; Information analysis; Information security; Pattern analysis; Protection; Risk analysis; privacy-enhanced security data sharing;
Conference_Titel :
Availability, Reliability and Security, 2008. ARES 08. Third International Conference on
Conference_Location :
Barcelona
Print_ISBN :
978-0-7695-3102-1
DOI :
10.1109/ARES.2008.189
