Security '04 Paper
[Security '04 Technical Program]
Privacy-Preserving Sharing and Correlation of
Patrick Lincoln1 &
Phillip Porras2 &
We present a practical scheme for Internet-scale collaborative analysis
of information security threats which provides strong privacy guarantees
to contributors of alerts. Wide-area analysis centers are proving
a valuable early warning service against worms, viruses, and other
malicious activities. At the same time, protecting individual and
organizational privacy is no longer optional in today's business climate.
We propose a set of data sanitization techniques that enable community
alert aggregation and correlation, while maintaining privacy for alert
contributors. Our approach is practical, scalable, does not rely on
trusted third parties or secure multiparty computation schemes, and does
not require sophisticated key management.