SAX: A Privacy Preserving General Purpose Method applied to Detection of Intrusions

François Trousset 1 Pascal Poncelet 2 Florent Masseglia 3
2 TATOO - Fouille de données environnementales
LIRMM - Laboratoire d'Informatique de Robotique et de Microélectronique de Montpellier
3 AxIS - Usage-centered design, analysis and improvement of information systems
CRISAM - Inria Sophia Antipolis - Méditerranée , Inria Paris-Rocquencourt
Abstract : To overcome the problem of attacks on networks, new Intrusion Detection System (IDS) approaches have been proposed in recent years. They consist in identifying signatures of known attacks to compare them to each request and determine whether it is an attack or not. However, these methods are set to default when the attack is unknown However, it is frequent that an attack has already been detected by another organization and it would be useful to be able to benefit from this knowledge to enrich the database of signatures. Unfortunately this information is not so easy to obtain. In fact organizations do not necessarily want to spread the information that they have already faced this type of attack. In this paper we propose a new approach to intrusion detection in a collaborative environment but by preserving the privacy of the collaborative organizations. Our approach works for any signature even if it needs a complex program to be detected and insure that no information is disclosed on the content of any of the sites. For this pupose, we have developped a general method (sax) that allows to compute any algorithm while preserving privacy of data and also of the program code which is computed.
Type de document :
Communication dans un congrès
ACM First International Workshop on Privacy and Anonymity for Very Large Datasets, join with CIKM 09, pp.17-24, 2009
Liste complète des métadonnées

Littérature citée [12 références]  Voir  Masquer  Télécharger

https://hal-lirmm.ccsd.cnrs.fr/lirmm-00430646
Contributeur : Pascal Poncelet <>
Soumis le : lundi 9 novembre 2009 - 14:05:47
Dernière modification le : lundi 15 janvier 2018 - 13:10:03
Document(s) archivé(s) le : mardi 16 octobre 2012 - 13:31:35

Fichier

pavlad09_5.pdf
Fichiers éditeurs autorisés sur une archive ouverte

Identifiants

  • HAL Id : lirmm-00430646, version 1

Citation

François Trousset, Pascal Poncelet, Florent Masseglia. SAX: A Privacy Preserving General Purpose Method applied to Detection of Intrusions. ACM First International Workshop on Privacy and Anonymity for Very Large Datasets, join with CIKM 09, pp.17-24, 2009. 〈lirmm-00430646〉

Partager

Métriques

Consultations de la notice

330

Téléchargements de fichiers

184