Title :
An Approach to Privacy-Preserving Alert Correlation and Analysis
Author :
Ma, Jin ; Chen, Xiu-zhen ; Li, Jian-Hua
Author_Institution :
Electron. Inf. & Electr. Eng. Sch., Shanghai Jiao Tong Univ., Shanghai, China
Abstract :
Privacy issues are concerned when data holders share their detected security data for correlation and analysis purpose. This paper proposes an approach to correlate and analyze intrusion alerts, while preserve privacy for alert holders. The raw intrusion alerts are protected by improved k-anonymity model, which preserves the alert regulation inside disturbed data records. With this privacy preserving technique, combing the typical FP-tree association rules mining algorithm, the approach provides the capacity of well balancing the alert correlation and the privacy preservation. Experimental results show that this approach works comparatively efficient and reaches a well balance between the alerts correlation and the privacy issues.
Keywords :
data privacy; security of data; alert holder; data holder; intrusion alert; k-anonymity model; privacy preservation; privacy-preserving alert correlation; rules mining algorithm; security data; Algorithm design and analysis; Association rules; Correlation; Intrusion detection; Privacy; alert correlation; frequent pattern; intrusion detection; k-anonymity; privacy preserving;
Conference_Titel :
Services Computing Conference (APSCC), 2010 IEEE Asia-Pacific
Conference_Location :
Hangzhou
Print_ISBN :
978-1-4244-9396-8
DOI :
10.1109/APSCC.2010.85
