PRIvacy LEakage Methodology (PRILE) for IDS Rules

Abstract: This paper introduces a methodology for evaluating PRIvacy LEakage in signature-based Network Intrusion Detection System (IDS) rules. IDS rules that expose more data than a given percentage of all data sessions are defined as privacy leaking. Furthermore, it analyses the attack-specific pattern size an IDS rule requires in order to keep the privacy leakage below a given threshold, presuming that the occurrence frequencies of the attack pattern in normal text are known. We have applied the methodology to the rule set of the network intrusion detection system Snort. The evaluation confirms that Snort in its default configuration aims at not being excessively privacy invasive. However, we have identified some types of rules with poor or missing ability to distinguish attack traffic from normal traffic.
Document type:
Conference paper
Michele Bezzi; Penny Duquenoy; Simone Fischer-Hübner; Marit Hansen; Ge Zhang. 5th IFIP WG 9.2, 9.6/11.4, 11.6, 11.7/PrimeLife International Summer School(PRIMELIFE), Sep 2009, Nice, France. Springer, IFIP Advances in Information and Communication Technology, AICT-320, pp.213-225, 2010, Privacy and Identity Management for Life. 〈10.1007/978-3-642-14282-6_17〉
Cited literature [14 references]

https://hal.inria.fr/hal-01061167
Contributor: Hal Ifip
Submitted on: Friday, September 5, 2014 - 11:31:57
Last modified on: Tuesday, August 8, 2017 - 17:36:26
Document(s) archived on: Friday, April 14, 2017 - 13:26:31

File

nils.pdf
Files produced by the author(s)

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Nills Ulltveit-Moe, Vladimir Oleshchuk. PRIvacy LEakage Methodology (PRILE) for IDS Rules. Michele Bezzi; Penny Duquenoy; Simone Fischer-Hübner; Marit Hansen; Ge Zhang. 5th IFIP WG 9.2, 9.6/11.4, 11.6, 11.7/PrimeLife International Summer School(PRIMELIFE), Sep 2009, Nice, France. Springer, IFIP Advances in Information and Communication Technology, AICT-320, pp.213-225, 2010, Privacy and Identity Management for Life. 〈10.1007/978-3-642-14282-6_17〉. 〈hal-01061167〉

Metrics

Record views: 429

File downloads: 455