A privacy-preserving alert correlation model

Jin Ma, Xiuzhen Chen, Jian-hua Li
{"title":"A privacy-preserving alert correlation model","authors":"Jin Ma, Xiuzhen Chen, Jian-hua Li","doi":"10.1109/PIC.2010.5687475","DOIUrl":null,"url":null,"abstract":"Data holders need to share the alerts data that they detected for correlation and analysis purpose. In such cases, privacy issues turn out to be a major concern. This paper proposes a model to correlate and analyze intrusion alerts with privacy-preserving capability. The raw intrusion alerts are protected by improved k-anonymity method, which preserves the alert regulation inside disturbed data records. Combining this privacy preserving method with typical FP-tree frequent pattern mining approach and WINEPI sequence pattern mining algorithm, an alert correlation model is set up to well balance the alert correlation and the privacy protection. Experimental results show that this model reaches close similarity of correlation and analysis result comparing with original FP-tree and WINEPI algorithm, while sensitive attributes are well preserved.","PeriodicalId":142910,"journal":{"name":"2010 IEEE International Conference on Progress in Informatics and Computing","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 IEEE International Conference on Progress in Informatics and Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PIC.2010.5687475","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

Data holders need to share the alerts data that they detected for correlation and analysis purpose. In such cases, privacy issues turn out to be a major concern. This paper proposes a model to correlate and analyze intrusion alerts with privacy-preserving capability. The raw intrusion alerts are protected by improved k-anonymity method, which preserves the alert regulation inside disturbed data records. Combining this privacy preserving method with typical FP-tree frequent pattern mining approach and WINEPI sequence pattern mining algorithm, an alert correlation model is set up to well balance the alert correlation and the privacy protection. Experimental results show that this model reaches close similarity of correlation and analysis result comparing with original FP-tree and WINEPI algorithm, while sensitive attributes are well preserved.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
一个隐私保护警报关联模型
数据持有者需要共享他们为关联和分析目的检测到的警报数据。在这种情况下,隐私问题成为一个主要问题。本文提出了一个具有隐私保护能力的入侵警报关联和分析模型。采用改进的k-匿名方法保护原始入侵警报,该方法保留了受干扰数据记录内的警报规则。将该隐私保护方法与典型的FP-tree频繁模式挖掘方法和WINEPI序列模式挖掘算法相结合,建立了一个警报关联模型,很好地平衡了警报关联和隐私保护。实验结果表明,与原FP-tree和WINEPI算法相比,该模型在相关度和分析结果上接近,且敏感属性得到了很好的保留。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Data compression of multispectral images for FY-2C geostationary meteorological satellite Redundant De Bruijn graph based location and routing for large-scale peer-to-peer system Content semantic filter based on Domain Ontology An isolated word recognition system based on DSP and improved dynamic time warping algorithm Research on Logistics Carbon Footprint Analysis System
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1