On Pseudonymization of Audit Data for Intrusion Detection

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2009)

Abstract

In multilaterally secure intrusion detection systems (IDS), anonymity and accountability are potentially conflicting requirements. Since IDS rely on audit data to detect violations of security policy, we can balance the above requirements by pseudonymizing audit data, as a form of reversible anonymization. We discuss previous work in this area and the underlying trust models. Instead of relying on mechanisms external to the system, or under the control of potential adversaries, our proposal technically binds reidentification to a threshold, representing the legal purpose of accountability in the presence of policy violations. We also contrast our notion of threshold-based identity recovery with previous approaches and point out open problems.

The work described here is currently partially funded by Deutsche Forschungsgemeinschaft under contract number Bi 311/10-1.



Copyright information

© 2001 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Biskup, J., Flegel, U. (2001). On Pseudonymization of Audit Data for Intrusion Detection. In: Federrath, H. (eds) Designing Privacy Enhancing Technologies. Lecture Notes in Computer Science, vol 2009. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44702-4_10

  • DOI: https://doi.org/10.1007/3-540-44702-4_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-41724-8

  • Online ISBN: 978-3-540-44702-3

  • eBook Packages: Springer Book Archive
