24,162 Hits in 5.2 sec

Secure Logging of Retained Data for an Anonymity Service [chapter]

Stefan Köpsell, Petr Švenda
2010 IFIP Advances in Information and Communication Technology  
A practical implementation of the proposed scheme was performed for the AN.ON anonymity service, but the scheme can be used for other services affected by data retention legislation.  ...  We have analyzed the newly arising risks associated with the process of accessing and storage of the retained data and propose a secure logging system, which utilizes cryptographic smart cards, trusted  ...  The authors would like to thank all anonymous reviewers, Jan Camenisch and Jakub Švenda for their valuable comments and Microsoft Research for the generous support which allowed the presentation of this  ... 
doi:10.1007/978-3-642-14282-6_24 fatcat:kdsvr4k2vbhlxcsokvw3jxjxru

Outsourcing Security Analysis with Anonymized Logs

Jianqing Zhang, Nikita Borisov, William Yurcik
2006 2006 Securecomm and Workshops  
In this paper we analyze the logs used for security analysis with the concern of privacy and propose the constraints on anonymization of security monitor logs.  ...  As security monitoring grows both more complicated and more sophisticated, there is an increased demand for outsourcing these tasks to Managed Security Service Providers (MSSPs).  ...  The use of anonymization as privacy-enhancing technique for facilitating the sharing of data for security monitoring is a growing area of study.  ... 
doi:10.1109/seccomw.2006.359577 dblp:conf/securecomm/ZhangBY06 fatcat:qasl67puorczxh7oyynqau6gau

Data Retention and Anonymity Services [chapter]

Stefan Berthold, Rainer Böhme, Stefan Köpsell
2009 IFIP Advances in Information and Communication Technology  
The reference architecture for our study is the anonymity service AN.ON, from which we also collect empirical data.  ...  The recently introduced legislation on data retention to aid prosecuting cyber-related crime in Europe also affects the achievable security of systems for anonymous communication on the Internet.  ...  An urgent question is which data exactly has to be logged by anonymity services such as AN.ON in order to comply with the data retention law.  ... 
doi:10.1007/978-3-642-03315-5_7 fatcat:zusspn6smvbqvojdvuf6k6cpci

Big Data Privacy and Management

Sanjay Thimmarayappa, Megha V
2014 International Journal of Computer Applications  
Along with the security concerns, data management also becomes an important factor to be considered.  ...  Therefore, traditional security mechanisms tailored to secure small-scale, static data are insufficient.  ...  Since most of this data is innocent, we can preserve anonymity by making sure that none of this data is retained.  ... 
doi:10.5120/18754-0012 fatcat:3w2i4aowojhtror7bz7ecnogx4


Francesco Bonchi, Elena Ferrari, Bradley Malin, Yücel Saygin
2007 SIGKDD Explorations  
In this report, we summarize the events of the First International Workshop on Privacy, Security, and Trust in KDD (PinKDD), which was held in conjunction with the 13 th ACM SIGKDD International Conference  ...  a data mining framework.  ...  Data mining technologies provide an ideal framework to assist in the analysis of such collections for computer security and surveillance-related endeavors.  ... 
doi:10.1145/1345448.1345469 fatcat:pfcz76sq2vaxjhfosltefdg5mi

Sharing Computer Network Logs for Security and Privacy: A Motivation for New Methodologies of Anonymization [article]

Adam J. Slagell, William Yurcik
2004 arXiv   pre-print
It is not until there are industry standards for multiple levels of anonymization that we will be able to move forward and achieve the goal of widespread sharing of logs for security researchers.  ...  It is widely recognized by the government and industry that it is both beneficial and desirable to share logs for the purpose of security research.  ...  The amount of time a name server retains cached data is controlled by the time-to-live (TTL) field for the data.  ... 
arXiv:cs/0409005v1 fatcat:bvnozgchejhnhdvso7iuohp5fu

Sharing network logs for computer forensics: a new tool for the anonymization of netflow records

A.J. Slagell, Yifan Li, K. Luo
2005 Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.  
Ideally, they would support multiple levels of anonymization that trade-off between security-of the anonymization scheme-and utility-the amount of useful information retained in anonymized logs.  ...  Anonymization solutions should support multiple levels of anonymization to trade-off between security (of the anonymization scheme) and utility (of the anonymized log data).  ... 
doi:10.1109/seccmw.2005.1588293 fatcat:fgws6nfvcjagdbm5rpc3asnpee

Towards an Efficient Log Data Protection in Software Systems through Data Minimization and Anonymization

A. Omar Portillo-Dominguez, Vanessa Ayala-Rivera
2019 2019 7th International Conference in Software Engineering Research and Innovation (CONISOFT)  
In this paper, we propose an automatic approach (SafeLog) to filter out information and anonymize log streams to safeguard the confidentiality of sensitive data and prevent its exposure and misuse from  ...  IT infrastructures of companies generate large amounts of log data every day.  ...  Most of the existing work has evaluated the utility of anonymized network traces for detecting security threats [36] , [37] .  ... 
doi:10.1109/conisoft.2019.00024 fatcat:goeebqn23za6joulk5avoom2ay

Data Handling in the Smart Grid: Do We Know Enough? [chapter]

Richard Chow, Alvaro Cardenas, Emiliano De Cristofaro
2013 IFIP Advances in Information and Communication Technology  
Data privacy in the smart grid is an important requirement for consumers.  ...  Central to the data privacy issue is the handling of energyusage data, in particular, data retention, aggregation and anonymization.  ...  Some U.S. carriers store call activity logs for days, some for months, some even retain call and text message content.  ... 
doi:10.1007/978-3-642-45330-4_2 fatcat:if42xo5esnavpklfmkwqpn54me

An efficient and easily deployable method for dealing with DoS in SIP services

Zisis Tsiatsikas, Dimitris Geneiatakis, Georgios Kambourakis, Angelos D. Keromytis
2015 Computer Communications  
It also allows for the exchange of log files between different providers for cross-analysis or its submission to a single analysis center (as an outsourced service) in an opt-in basis.  ...  To this end, in the context of this paper, we assert that audit trails in VoIP can be a rich source of information toward flushing out DoS incidents and evaluating the security level of a given system.  ...  Anonymization of log files The privacy and security requirements of the proposed scheme are strongly related 215 to the robustness of the anonymization process conducted on the log files.  ... 
doi:10.1016/j.comcom.2014.11.002 fatcat:ib4lef6a2fb53go5k7vzflneea

A survey of current social network and online communication provision policies to support law enforcement identify offenders

Graeme Horsman
2017 Digital Investigation. The International Journal of Digital Forensics and Incident Response  
For each provision, account sign-up processes are evaluated and policies for retaining Internet Protocol logs and user account information are assessed along with the availability of account preservation  ...  Terms of service and privacy policies are reviewed to assess existing practices of data retention to evaluate the feasibility of law enforcement officials tracking those whose actions breach the law.  ...  Therefore log retention times can hinder investigation attempts. 2. Type of log data collected: The type of data collected is also key to an effective investigation.  ... 
doi:10.1016/j.diin.2017.03.001 fatcat:vhjj7fkkc5b4dlgf4xea47vm4e

Development of a Legal Framework for Intrusion Detection [chapter]

Steven R. Johnston
2002 Lecture Notes in Computer Science  
This trend creates significant opportunities to improve service delivery and to move into new areas of endeavour.  ...  Not only has the nature of the threat changed, so too has the scope of the protection problem. Protection of information systems is now seen as a component of national security.  ...  use of anonymizing techniques might not be sufficient to address this issue -if the disclosure of encryption keys can be forced, could providers of anonymizing services be forced by law to retain sufficient  ... 
doi:10.1007/3-540-36084-0_8 fatcat:76mtciw2xfdlplph4wtysm2vii

Pseudonymizing Unix Log Files [chapter]

Ulrich Flegel
2002 Lecture Notes in Computer Science  
Our tools are based on an approach to pseudonymizing Unix log files while balancing user requirements for anonymity and the service provider's requirements for accountability.  ...  By pseudonymizing identifying data in log files the association between the data and the real persons is hidden.  ...  Most of all Sven Bursch, Kai Grundmann, Stefan Magerstedt and Dennis Real deserve credit for their tireless work on the code as well as the measurements of the tools.  ... 
doi:10.1007/3-540-45831-x_12 fatcat:kvd26jhzlrd4vdrn3b72dmcxhe

FLAIM: A Multi-level Anonymization Framework for Computer and Network Logs [article]

Adam Slagell, Kiran Lakkaraju, Katherine Luo
2006 arXiv   pre-print
FLAIM (Framework for Log Anonymization and Information Management) addresses two important needs not well addressed by current log anonymizers.  ...  First, it is extremely modular and not tied to the specific log being anonymized.  ...  Consequently, in step with the growth of the computer security field, there has been an increase in the need for sound methods of sharing log data.  ... 
arXiv:cs/0606063v1 fatcat:vkz54255fjbnjngk63ozhy7zoe

An honest man has nothing to fear

Gregory Conti, Edward Sobiesk
2007 Proceedings of the 3rd symposium on Usable privacy and security - SOUPS '07  
In today's era of the global ubiquitous use of free online tools and business models that depend on data retention and customized advertising, we face a growing tension between the privacy concerns of  ...  to the views held by security professionals.  ...  Acknowledgments We would like to thank the New Security Paradigms Workshop and Defcon communities for their thoughtful feedback on the problem of web-based information disclosure.  ... 
doi:10.1145/1280680.1280695 dblp:conf/soups/ContiS07 fatcat:dehg464b5rdyblkv3qq2vcgobm
« Previous Showing results 1 — 15 out of 24,162 results