2nd International ICST Workshop on the Value of Security through Collaboration

Research Article

Outsourcing Security Analysis with Anonymized Logs

  • @INPROCEEDINGS{10.1109/SECCOMW.2006.359577,
        author={Jianqing  Zhang and Nikita  Borisov and William  Yurcik},
        title={Outsourcing Security Analysis with Anonymized Logs},
        proceedings={2nd International ICST Workshop on the Value of Security through Collaboration},
        publisher={IEEE},
        proceedings_a={SECOVAL},
        year={2007},
        month={5},
        keywords={},
        doi={10.1109/SECCOMW.2006.359577}
    }
    
  • Jianqing Zhang
    Nikita Borisov
    William Yurcik
    Year: 2007
    Outsourcing Security Analysis with Anonymized Logs
    SECOVAL
    IEEE
    DOI: 10.1109/SECCOMW.2006.359577
Jianqing Zhang1,*, Nikita Borisov2,*, William Yurcik3,*
  • 1: Department of Computer Science, Univ. of Illinois at Urbana-Champaign, Urbana.
  • 2: Department of Electrical and Computer Engineering, Univ. of Illinois at Urbana-Champaign, Urbana.
  • 3: National Center for Supercomputing Applications (NCSA), Univ. of Illinois at Urbana-Champaign, Urbana.
*Contact email: jzhang24@uiuc.edu, nikita@uiuc.edu, byurcik@ncsa.uiuc.edu

Abstract

As security monitoring grows both more complicated and more sophisticated, there is an increased demand for outsourcing these tasks to managed security service providers (MSSPs). However, the core problem of sharing private security logs creates a barrier to the widespread adoption of this business model. In this paper we analyze the logs used for security analysis with the concern of privacy and propose the constraints on anonymization of security monitor logs. We believe if the anonymization solution fulfills the constraints, MSSPs can detect the attacks efficiently and protect privacy simultaneously