Enabling collaborative network security with privacy-preserving data aggregation. (English) Zbl 1230.68039

Berichte aus der Kommunikationstechnik; TIK-Schriftenreihe 125. Aachen: Shaker Verlag; Zürich: ETH Eidgenössische Technische Hochschule Zürich (Diss. ETH No. 19683) (ISBN 978-3-8440-0245-4/pbk). xvii, 186 p. (2011).
The objective of the book is to address some problems of cybersecurity. The first part of the book analyzes the effect of state-of-the-art data anonymization techniques on both data utility and privacy. The second part explores cryptographic alternatives to anonymization.
The book consists of the following chapters: (1) Introduction; (2) Anonymization techniques; (3) Impact of anonymization on data utility; (4) Identifying hosts in anonymized data; (5) The privacy-utility tradeoff; (6) Related work on anonymization; (7) The role of anonymization reconsidered; (8) Introduction to secure multiparty computation (MPC); (9) Making MPC practical; (10) SEPIA – a system overview; (11) Privacy-preserving protocols; (12) Performance evaluation; (13) Collaborative network troubleshooting in practice; (14) Related work on privacy-preserving technologies; (15) Conclusions.
Chapter 1 describes the motivation, organization and contributions of the book. Chapter 2 discusses IP address anonymization techniques (blackmarking, truncation, random permutation, prefix-preserving permutation, and partial prefix-preserving permutation) and techniques applied to fields other than IP addresses, such as port numbers or timestamps. The next chapter investigates how IP address anonymization techniques affect statistical network anomaly detection on flow data. Chapter 4 analyzes host privacy in anonymized data: a classification of attackers and experiments with live traffic data. Chapter 5 demonstrates how an attacker capable of injecting traffic into a network can reverse any IP address anonymization technique based on permutation, including hashing, enumeration, random permutation, or (partial) prefix-preserving permutation. The following chapter discusses measures for utility and privacy, and gives an overview of attacks against anonymization. Chapter 7 briefly reconsiders the role of anonymization. Then, an introduction to MPC based on Shamir's secret-sharing scheme is given, which underlies all operations and protocols devised later on. Chapter 9 focuses on optimizing the basic MPC operations for networking applications; it reviews state-of-the-art approaches for doing comparisons in MPC and illustrates why these approaches are not very efficient. Chapter 10 describes the SEPIA library, in which a complete set of basic MPC primitives and the optimized operations from the previous chapter are implemented. This chapter starts with a definition of the two basic roles in SEPIA: input peers and privacy peers. It then specifies the adversary model and the security assumptions made. Chapter 11 composes the basic operations introduced in Chapters 8 and 9 into full-blown protocols for network event correlation and statistics aggregation.
Chapter 12 evaluates the resource requirements of the protocols in terms of running time and network bandwidth. This chapter also explores the impact of running selected protocols on PlanetLab, where hardware, network delay, and bandwidth are very heterogeneous. Chapter 13 then applies the collaborative protocols to real traffic traces and analyzes how useful they are for troubleshooting traffic anomalies. Chapter 14 reviews related work on privacy-preserving data analysis: it gives an overview of secure MPC and of techniques based on randomization and data perturbation, and discusses related work on the privacy-preserving top-\(k\) problem and approaches that use specific system architectures to analyze data in a privacy-preserving way. The final chapter summarizes the contributions of the book and outlines future work.
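To make the input-peer/privacy-peer model and the secret-sharing-based statistics aggregation of Chapters 8, 10 and 11 concrete, the following is an added, self-contained Python example. It is not code from the dissertation or from the SEPIA library: it implements textbook Shamir secret sharing over a prime field (the field size, the peer counts and the per-port flow counts are constructed here), and shows how each input peer splits its private per-port counts into shares, how each privacy peer adds up the shares it receives locally, and how any threshold-sized subset of privacy peers reconstructs only the aggregate, never an individual input.

```python
"""Privacy-preserving sum aggregation with Shamir secret sharing (constructed example).

Roles follow the SEPIA terminology in the review: input peers hold private
data, privacy peers run the computation on shares. All arithmetic is in the
field GF(P); the assumption P = 2**61 - 1 is large enough that realistic
flow counts and their sums never wrap around.
"""
import secrets

P = 2**61 - 1  # assumed field prime (Mersenne prime), constructed choice


def share(secret, n_peers, threshold):
    """Split `secret` into n_peers Shamir shares; any `threshold` shares reconstruct it.

    A random polynomial of degree threshold-1 with constant term `secret` is
    evaluated at x = 1..n_peers; share i is the point (i, f(i)).
    """
    if not 1 <= threshold <= n_peers:
        raise ValueError("threshold must be between 1 and n_peers")
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(threshold - 1)]
    shares = []
    for x in range(1, n_peers + 1):
        y = 0
        for c in reversed(coeffs):          # Horner evaluation of f(x) mod P
            y = (y * x + c) % P
        shares.append((x, y))
    return shares


def reconstruct(shares):
    """Recover f(0) by Lagrange interpolation over the given (x, y) points.

    Callers must pass at least `threshold` distinct shares; with fewer, the
    result is an arbitrary field element carrying no information about f(0).
    """
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        # Lagrange basis polynomial evaluated at 0: num / den in GF(P)
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total


def aggregate_counts(input_vectors, n_privacy_peers, threshold, peers_used=None):
    """Sum equal-length count vectors from several input peers without revealing any one of them.

    input_vectors: one list of non-negative integers per input peer (e.g. flows per port).
    Each privacy peer only ever sees shares, and because sharing is linear it can
    add the shares it holds position-wise; reconstructing from those local sums
    yields the sums of the original vectors.
    """
    width = len(input_vectors[0])
    if any(len(v) != width for v in input_vectors):
        raise ValueError("all input peers must contribute vectors of the same length")
    # held[peer_x][position] is the running share sum at privacy peer x
    held = {x: [0] * width for x in range(1, n_privacy_peers + 1)}
    for vec in input_vectors:                      # each input peer ...
        for pos, value in enumerate(vec):          # ... shares each of its counts
            for x, y in share(value, n_privacy_peers, threshold):
                held[x][pos] = (held[x][pos] + y) % P   # privacy peer x adds locally
    # Any `threshold` privacy peers (here: a caller-chosen or default subset) reconstruct the aggregate.
    chosen = peers_used if peers_used is not None else list(range(1, threshold + 1))
    if len(set(chosen)) < threshold:
        raise ValueError("need at least `threshold` distinct privacy peers to reconstruct")
    return [reconstruct([(x, held[x][pos]) for x in chosen]) for pos in range(width)]


def main():
    # Constructed per-port flow counts from three organizations (input peers):
    # columns are, say, ports 22, 80 and 443.
    org_counts = [[120, 3400, 2900], [15, 800, 1200], [0, 40, 55]]
    total = aggregate_counts(org_counts, n_privacy_peers=5, threshold=3, peers_used=[2, 4, 5])
    print("aggregate per-port flow counts:", total)   # each org's own counts stay hidden


if __name__ == "__main__":
    main()
```

The reconstruction step also illustrates the threshold assumption stated in the review's adversary model: a coalition of fewer than `threshold` privacy peers holds only points of a random polynomial and learns nothing about the inputs, while any `threshold` honest peers suffice to finish the aggregation.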

MSC:

68M10 Network design and communication in computer systems
68M12 Network protocols
94A12 Signal theory (characterization, reconstruction, filtering, etc.)
94A62 Authentication, digital signatures and secret sharing
68-02 Research exposition (monographs, survey articles) pertaining to computer science

Software:

PlanetLab