Abstract
This paper proposes a roadmap for how privacy leakages from outsourced managed security services using intrusion detection systems can be controlled. The paper first analyses the risk of leaking private or confidential information from signature-based intrusion detection systems. It then discusses how the situation can be improved by developing adequate privacy enforcement methods and privacy leakage metrics in order to control and reduce the leakage of private and confidential information over time. Such metrics should allow for quantifying how much information is leaking and where these information leakages are, as well as showing what these leakages mean. This includes adding enforcement mechanisms ensuring that operation on sensitive information is transparent and auditable. The data controller or external quality assurance organisations can then verify or certify that the security operation operates in a privacy-friendly manner. The roadmap furthermore outlines how privacy-enhanced intrusion detection systems should be implemented by initially providing privacy-enhanced alarm handling and then gradually extending support for privacy-enhancing operation to other areas like digital forensics, exchange of threat information and attack detection based on big data analytics.
Notes
There will also be synergies between privacy enhancing technologies and security, as will be discussed later. Aiming for such synergies is recommended by the 4. Privacy by Default principle, which states that one should aim for a win-win situation between privacy and security (Cavoukian et al. 2010).
Web bug definition: http://en.wikipedia.org/wiki/Web_bug
The detailed theory behind this metric is considered beyond the scope of this paper, but interested readers can find it in the full paper (Ulltveit-Moe and Oleshchuk 2013).
References
Acquisti, A., John, L., & Loewenstein, G. (2010). What is privacy worth? http://www.futureofprivacy.org/wp-content/uploads/2010/07/privacy-worth-acquisti-FPF.
Alharby, A., & Imai, H. (2005). IDS false alarm reduction using continuous and discontinuous patterns. Lecture Notes in Computer Science, 3531, 192–205.
Baker, M., Turnbull, D., & Kaszuba, G. (2012). Finding needles in haystacks (the size of countries). http://media.blackhat.com/bh-eu-12/Baker/bh-eu-12-Baker-Needles_Haystacks-WP.
Berthold, S., & Böhme, R. (2010). Valuating privacy with option pricing theory. In T. Moore, D. Pym, & C. Ioannidis (Eds.), Economics of Information Security and Privacy (pp. 187–209). US: Springer.
Bicknell, P., & Jean, H. (2011). National information assurance partnership common criteria evaluation and validation scheme, validation report hp tippingpoint intrusion prevention systems. http://www.commoncriteriaportal.org/files/epfiles/st_vid10345-vr.
Cavoukian, A. (2009). Whole body imaging in airport scanners: Activate privacy filters to achieve security and privacy. http://www.ipc.on.ca/images/Resources/wholebodyimaging.
Cavoukian, A., Taylor, S., & Abrams, M. E. (2010). Privacy by design—Essential for organizational accountability and strong business practices. Identity in the Information Society, 3(2), 405–413.
Ciriani, V., di Vimercati, S. C., Foresti, S., & Samarati, P. (2007). k-Anonymity. In: Secure data management in decentralized systems (pp. 323–353). Springer.
Cisco (2013). Writing custom signatures for the cisco intrusion prevention system. http://www.cisco.com/web/about/security/intelligence/ips_custom_sigs_pdf.
Cord, A., Ambroise, C., & Cocquerez, J. P. (2006). Feature selection in robust clustering based on laplace mixture. Pattern Recognition Letters, 27(6), 627–635. doi:10.1016/j.patrec.2005.09.028.
Ding, W., Yurcik, W., & Yin, X. (2005). Outsourcing internet security: Economic analysis of incentives for managed security service providers. In: Internet and network economics, LNCS, vol 3828 (pp. 947–958). Springer.
Dwork, C. (2006). Differential privacy. Automata, languages and programming (pp. 1–12).
European Commission. (2002). Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications). http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32002L0058:en:NOT.
European Communities. (2014). Digital security: Cybersecurity, privacy and trust. URL http://ec.europa.eu/research/participants/portal/desktop/en/opportunities/h2020/topics/99-ds-01-2014.html.
Figueiredo, M. A. T., & Jain, A. K. (2002). Unsupervised learning of finite mixture models. IEEE Transactions on Pattern Analysis and Machine Intelligence, 24(3), 381–396. doi:10.1109/34.990138.
Flegel, U. (2007). Privacy-respecting intrusion detection (1st ed.). Berlin: Springer.
Gartner. (2010). Magic quadrant for network intrusion prevention systems. URL http://mcafee.zinfi.com/enduser/ngns/dyntek1/file/McAfee_vol4-art5.
Gordon, L. A., & Loeb, M. P. (2002). The economics of information security investment. ACM Transactions on Information and System Security, 5(4), 438–457. doi:10.1145/581271.581274.
Gritzalis, S., Yannacopoulos, A., Lambrinoudakis, C., Hatzopoulos, P., & Katsikas, S. (2007). A probabilistic model for optimal insurance contracts against security risks and privacy violation in IT outsourcing environments. International Journal of Information Security, 6(4), 197–211. doi:10.1007/s10207-006-0010-x.
Ho, C. Y., Lai, Y. C., Chen, I. W., Wang, F. Y., & Tai, W. H. (2012). Statistical analysis of false positives and false negatives from real traffic with intrusion detection/prevention systems. IEEE Communications Magazine, 50(3), 146–154. doi:10.1109/MCOM.2012.6163595.
Kairab, S. (2005). A practical guide to security assessments. Boca Raton, Florida: Auerbach Publications.
Richards, N. M., King, J. H. (2013). Three paradoxes of big data. Stanford Law Review Online 66:41, URL http://www.stanfordlawreview.org/online/privacy-and-big-data/three-paradoxes-big-data.
Machanavajjhala, A., Kifer, D., Gehrke, J., Venkitasubramaniam, M. (2007). l-diversity: Privacy beyond k-anonymity. Cornell University p 52, URL http://www.truststc.org/pubs/465.html.
Maier, G., Sommer, R., Dreger, H., Feldmann, A., Paxson, V., & Schneider, F. S. (2008). Enriching network security analysis with time travel. SIGCOMM Computer Communication Review, 38(4), 183–194. doi:10.1145/1402946.1402980.
McAfee. (2007). Mcafee intrushield IPS, user-defined signature creation version 4.1. https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/20000/PD20345/en_US/INTR_User-Defined_Signatures_4.1.
Moen, R. D., Nolan, T. W., & Provost, L. P. (1999). Quality improvement through planned experimentation. New York: McGraw-Hill.
National Science Foundation. (2014). US NSF-CISE-funding. URL http://www.nsf.gov/cise/funding/cyber_awards.jsp.
Plashchynski, D. (2014). viewssld—SSL traffic descryption daemon. URL http://sourceforge.net/projects/viewssld/.
Popa, R. A., Redfield, C. M. S., Zeldovich, N., & Balakrishnan, H. (2011). CryptDB: Protecting confidentiality with encrypted query processing. In: Proceedings of the twenty-third ACM symposium on operating systems principles, ACM, New York, NY, USA, SOSP ’11, (pp. 85–100), doi:10.1145/2043556.2043566.
Radianti, J., & Ulltveit-Moe, N. (2008). Classification of malicious tools in underground markets for vulnerabilities. NISK, 2008, 19–31.
Roesch, M. & Green, S. C. (2009). Snort. URL http://www.snort.org/assets/82/snort_manual.
Samuelson, P. (2000). Privacy as intellectual property? Stanford Law Review 52(5):1125–1173, URL http://www.jstor.org/stable/1229511.
Sankar, L., Rajagopalan, S., & Poor, H. (2010). Utility and privacy of data sources: Can Shannon help conceal and reveal information? Information Theory and Applications Workshop (ITA), 2010, 1–7. doi:10.1109/ITA.2010.5454092.
Scarfone, K., Mell, P. (2007). Guide to intrusion detection and prevention systems (IDPS). http://csrc.nist.gov/publications/nistir/ir7628/nistir-7628_vol1.
Schechter, S. E., & Smith, M. D. (2003). How much security is enough to stop a thief? The economics of outsider theft via computer systems and networks. Financial Cryptography, 2742, 122–137.
Shannon, C. (1948). A mathematical theory of communication. Bell System Technical Journal, 27, 379–423, 623–656.
Smith, G. (2009). On the foundations of quantitative information flow. In: Alfaro, L. D. (Ed.), Foundations of software science and computational structures, no. 5504 in Lecture Notes in Computer Science (pp 288–302). Berlin Heidelberg: Springer.
Smith, G. (2011). Quantifying information flow using min-entropy. In: Quantitative evaluation of systems (QEST), 2011 eighth international conference on, pp 159–167, doi:10.1109/QEST.2011.31.
Sourcefire Vulnerability Research Team VRT. (2014). Download snort rules. URL http://www.snort.org/downloads/2862.
Sweeney, L. (2002). k-anonymity: A model for protecting privacy. International Journal on Uncertainty, Fuzziness and Knowledge-based Systems, 10, 557–570.
Tavallaee, M., Bagheri, E., Lu, W., & Ghorbani, A. (2010). A detailed analysis of the KDD CUP 99 data set. In: Second IEEE symposium on computational intelligence for security and defence applications 2009.
Trustwave. (2014). ModSecurity open source web application firewall. URL http://www.modsecurity.org.
Ulltveit-Moe, N., Oleshchuk, V. A. (2013). Measuring privacy leakage for IDS rules. CoRR abs/1308.5421.
Warren, S., & Brandeis, L. D. (1890). The right to privacy. Harvard Law Review, 4(5),
X-Force, I. S. S. (2011). Signature author’s guide, IBM security systems opensignature. http://www-01.ibm.com/support/docview.wss?uid=swg21570487&aid=3.
Yannacopoulos, A. N., Lambrinoudakis, C., Gritzalis, S., Xanthopoulos, S. Z., & Katsikas, S. N. (2008). Modeling privacy insurance contracts and their utilization in risk management for ICT firms. Proceedings of the 13th European symposium on research in computer security: Computer security (pp. 207–222). Málaga, Spain: Springer.
Acknowledgments
Thanks to all anonymous reviewers, for challenging questions and good ideas on how to improve the quality of the paper. This work has been partially supported by the project “PRECYSE - Protection, prevention and reaction to cyber-attacks to critical infrastructures”, funded by the European Commission under the FP7 frame programme with contract number FP7-SEC-2012-1-285181 (www.precyse.eu), and partially by Telenor Research and Innovation under the contract DR-2009-1.
Cite this article
Ulltveit-Moe, N. A roadmap towards improving managed security services from a privacy perspective. Ethics Inf Technol 16, 227–240 (2014). https://doi.org/10.1007/s10676-014-9348-3
DOI: https://doi.org/10.1007/s10676-014-9348-3