Two tiered privacy enhanced intrusion detection system architecture

Proceedings of the 5th IEEE International Workshop on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, IDAACS'2009

Volumn , Issue , 2009, Pages 8-14

  Ulltveit Moe, Nils ^a   Oleshchuk, Vladimir ^a  

^a UNIVERSITY OF AGDER   (Norway)

Author keywords

IDS; Network monitoring; Outsourcing; Privacy policy; XACML

Indexed keywords

DATA FORENSICS; IDS; INTRUSION DETECTION SYSTEMS; LAW-ENFORCEMENT AGENCIES; NETWORK MONITORING; PRIVACY POLICIES; PRIVACY PRESERVING; THIRD PARTIES;

COMPUTER CRIME; OUTSOURCING; TECHNOLOGY TRANSFER;

INTRUSION DETECTION;

EID: 74549209108     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/IDAACS.2009.5343035     Document Type: Conference Paper

References (26)

1. European Commission. (2006) Directive 2006/24/ec. [Online]. Available: http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32006L0024:EN:HTML
2. T. Moses (ed). (2005) OASIS eXtensible Access Control Markup Language (XACML) Version 2.0. [Online]. Available: http://docs.oasis-open.org/xacml/2.0/ access-control-xacml-2.0-core-spec-os.pdf
3. H. Debar, D. Curry, B. Feinstein. (2007) The intrusion detection message exchange format (IDMEF). [Online]. Available: http://www.ietf.org/rfc/rfc4765. txt
4. B. Feinstein, G. Matthews. (2007) The intrusion detection exchange protocol (IDXP). [Online]. Available: http://www.ietf. org/rfc/rfc4767.txt
5. R. Danyliw, J. Meijer, Y. Demchenko. (2007) The incident object description exchange format. [Online]. Available: http://www.rfc-editor.org/rfc/ rfc5070.txt
6. K. M. Moriarty, B. H. Trammell. (2008) IODEF/RID over SOAP. [Online]. Available: http://www.ietf.org/internet-drafts/draft-moriarty-post- inch-rid- soap- 05.txt
7. INET Research Group, TU-Berlin. (2008) Time machine. [Online]. Available: http://www.net.t-labs.tu-berlin.de/research/tm
8. R. Büschkes, D. Kesdogan, "Privacy enhanced intrusion detection," in Multilateral Security in Communications, Information Security, G. Müller and K. Rannenberg, Eds. Addison Wesley, 1999, pp. 187-204.
9. C. Powers, M. Schunter (ed). (2003) Enterprise privacy authorization language (EPAL 1.2). [Online]. Available: http://www.zurich.ibm.com/security/ enterprise-privacy/epal/ Specification/index.html
10. M. Marchiori (ed). (2002) The platform for privacy preferences 1.0 specification. [Online]. Available: http://www.w3.org/TR/P3P
11. P. Periorellis, Securing Web Services. Idi Global, October 2007.
12. N. Ulltveit-Moe. (2009) Two-tier XACML policy for IDS. [Online]. Available: http://u-moe.org/twotierids/policy.xml
13. Lawrence Berkeley National Laboratory. (2009) Bro intrusion detection system. [Online]. Available: http://bro-ids.org
14. Y. Vandoorselare. (2009) Preludeids. [Online]. Available: http://www.prelude-ids.com
15. M. Roesch. (2009) Snort. http://www.snort.org.
16. Tenable Network Security. (2009) Nessus. [Online]. Available: http://www.nessus.org
17. R. Pang and V. Paxson, "A high-level programming environment for packet trace anonymization and transformation," in Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications. Karlsruhe, Germany: ACM, 2003, pp. 339-351.
18. T. Holz, "An efficient distributed intrusion detection scheme," in COMPSAC Workshops, 2004, pp. 39-40.
19. M. Sobirey, S. Fischer-Hübner, and K. Rannenberg, "Pseudonymous audit for privacy enhanced intrusion detection," in Proceedings of the IFIP TC11 13th International Conference on Information Security (SEC'97), May 1997, pp. 151-163.
20. S. Fischer-Hübner, IDA - An Intrusion Detection and Avoidance System (in German). Aachen, Shaker, 2007.
21. M. Sobirey, B. Richter, and H. König, "The intrusion detection system AID - architecture and experiences in automated audit trail analysis," in Proceedings of the IFIP TC6/TC11 International Conference on Communications and Multimedia Security, 1996, pp. 278-290.
22. U. Flegel, Privacy-Respecting Intrusion Detection. Springer, October 2007.
23. MIT Kerberos Team. (2009) Kerberos: The network authentication protocol. [Online]. Available: http://web.mit.edu/Kerberos
24. LOBSTER Consortium. (2007) Large-scale monitoring of broadband internet infrastructures. Electronic citation. [Online]. Available: http://www.ist- lobster.org
25. G. Bianchi et al., "Towards privacy-preserving network monitoring: Issues and challenges," in Personal, Indoor and Mobile Radio Communications, 2007. PIMRC 2007. IEEE 18th International Symposium on, 2007, pp. 1-5.
26. B. Claise (ed). (2008) Specification of the IP flow information export (IPFIX) protocol for the exchange of IP traffic flow information. [Online]. Available: http://www.ietf.org/rfc/rfc5101.txt