Multi-observer privacy-preserving Hidden Markov Models

Author

Nguyen, Hung X. ; Roughan, Matthew

Author_Institution

Sch. of Math. Sci., Univ. of Adelaide, Adelaide, SA, Australia

fYear

2012

fDate

16-20 April 2012

Firstpage

514

Lastpage

517

Abstract

Detection of malicious traffic and network health problems would be much easier if ISPs shared their data. Unfortunately, they are reluctant to share because doing so would either violate privacy legislation or expose business secrets. However, secure distributed computation allows calculations to be made using private data, without leaking this data. This paper presents such a method, allowing multiple parties to jointly infer a Hidden Markov Model (HMM) for traffic and/or user behaviour in order to detect anomalies. We extend prior work on HMMs in network security to include observations from multiple ISPs and develop secure protocols to infer the model parameters without revealing the private data. We implement a prototype of the protocols, and our experiments with the prototype show its has a reasonable computational and communications overhead, making it practical for adoption by ISPs.

Keywords

Internet; computer network security; cryptographic protocols; hidden Markov models; HMM; anomaly detection; business secrets; communications overhead; computational overhead; malicious traffic; multi-observer privacy-preserving hidden Markov models; multiple ISP; multiple parties; network health problems; network security; privacy legislation; private data; secure distributed computation; secure protocols; user behaviour; Computational modeling; Encryption; Hidden Markov models; Markov processes; Protocols;

fLanguage

English

Publisher

ieee

Conference_Titel

Network Operations and Management Symposium (NOMS), 2012 IEEE

Conference_Location

Maui, HI

ISSN

1542-1201

Print_ISBN

978-1-4673-0267-8

Electronic_ISBN

1542-1201

Type

conf

DOI

10.1109/NOMS.2012.6211944

Filename

6211944