To intelligently create policies governing the anonymization of network logs, one must analyze the effects of anonymization on both the security and utility of sanitized data. This paper focuses on analyzing the utility of network traces post-anonymization. Any measure of utility depends on the type of analysis being performed. This work focuses on utility for the task of attack detection, since attack detection is an important part of an incident responder's daily responsibilities. The paper employs a methodology developed to analyze the effect of anonymization on Intrusion Detection Systems (IDS), and provides the first rigorous analysis of single-field anonymization on IDS effectiveness.
- Format: PDF
- Size: 262.8 KB