Skip to Content
[CAIDA - Center for Applied Internet Data Analysis logo]
Center for Applied Internet Data Analysis
www.caida.org > publications : bib : networking : entries : yurcik_trusted_sharing.xml
Bibliography Details
W. Yurcik, C. Woolam, G. Hellings, L. Khan, and B. Thuraisingham, "Toward Trusted Sharing of Network Packet Traces Using Anonymization: Single-Field Privacy/Analysis Tradeoffs", ACM Computing Research Repository (CoRR), 2007.
Toward Trusted Sharing of Network Packet Traces Using Anonymization: Single-Field Privacy/Analysis Tradeoffs
Authors: W. Yurcik
C. Woolam
G. Hellings
L. Khan
B. Thuraisingham
Published: ACM Computing Research Repository (CoRR), 2007
URL:http://arxiv.org/abs/0710.3979
ENTRY DATE: 2008-06-16
ABSTRACT: Network data needs to be shared for distributed security analysis. Anonymization of network data for sharing sets up a fundamental tradeoff between privacy protection versus security analysis capability. This privacy/analysis tradeoff has been acknowledged by many researchers but this is the first paper to provide empirical measurements to characterize the privacy/analysis tradeoff for an enterprise dataset. Specifically we perform anonymization options on single-fields within network packet traces and then make measurements using intrusion detection system alarms as a proxy for security analysis capability. Our results show: (1) two fields have a zero sum tradeoff (more privacy lessens security analysis and vice versa) and (2) eight fields have a more complex tradeoff (that is not zero sum) in which both privacy and analysis can both be simultaneously accomplished.
  Last Modified: Fri Oct-25-2019 12:31:29 PDT
  Page URL: http://www.caida.org/publications/bib/networking/entries/yurcik_trusted_sharing.xml