|
ABSTRACT:
|
We present a practical scheme for Internet-scale collaborative analysis
of information security threats which provides strong privacy guarantees
to contributors of alerts. Wide-area analysis centers are proving a
valuable early warning service against worms, viruses, and other
malicious activities. At the same time, protecting individual and
organizational privacy is no longer optional in today's business
climate. We propose a set of data sanitization techniques that enable
community alert aggregation and correlation, while maintaining privacy
for alert contributors. Our approach is practical, scalable, does not
rely on trusted third parties or secure multiparty computation schemes,
and does not require sophisticated key management.
|