TY - GEN
T1 - Key escrow schemes with sliding window for privacy-aware anomaly detection system
AU - Hyytiä, Esa
AU - Gojmerac, Ivan
AU - Teofili, Simone
AU - Bianchi, Giuseppe
PY - 2010
Y1 - 2010
N2 - Requirements for a traffic monitoring system can be very demanding as both privacy and performance aspects have to be taken into account jointly. Moreover, the legislation sets forth strict rules that must also be met. Various cryptographic primitives provide invaluable tools for realising privacy enforcing mechanisms in such a system with respect to the above mentioned goals. In this paper, we consider an arbitrary traffic anomaly detection system consisting of two stages. The first stage pre-processes the monitored traffic with both data rate reduction and privacy protection in mind. The second stage is in charge of the final analysis and storing the relevant information. In particular, the privacy sensitive information is encrypted on per flow basis by the first stage, so that the second stage cannot access any flow without an appropriate key, which is given only when there is a strong reason to do so. In this setting, we study a sliding window type of mechanism for escrowing a secret decryption key from the first stage to the second in response to observing a sufficient number of malicious events within a specified time duration. Given the flow specific key, the second stage can then take a closer look at the corresponding part of the traffic, and decide on further actions. As a result, the privacy of the other users cannot be violated.
AB - Requirements for a traffic monitoring system can be very demanding as both privacy and performance aspects have to be taken into account jointly. Moreover, the legislation sets forth strict rules that must also be met. Various cryptographic primitives provide invaluable tools for realising privacy enforcing mechanisms in such a system with respect to the above mentioned goals. In this paper, we consider an arbitrary traffic anomaly detection system consisting of two stages. The first stage pre-processes the monitored traffic with both data rate reduction and privacy protection in mind. The second stage is in charge of the final analysis and storing the relevant information. In particular, the privacy sensitive information is encrypted on per flow basis by the first stage, so that the second stage cannot access any flow without an appropriate key, which is given only when there is a strong reason to do so. In this setting, we study a sliding window type of mechanism for escrowing a secret decryption key from the first stage to the second in response to observing a sufficient number of malicious events within a specified time duration. Given the flow specific key, the second stage can then take a closer look at the corresponding part of the traffic, and decide on further actions. As a result, the privacy of the other users cannot be violated.
KW - key revocation
KW - privacy
KW - Shamir's scheme
KW - sliding window
UR - http://www.scopus.com/inward/record.url?scp=77955801592&partnerID=8YFLogxK
U2 - 10.1145/1754239.1754277
DO - 10.1145/1754239.1754277
M3 - Conference contribution
AN - SCOPUS:77955801592
SN - 9781605589459
T3 - ACM International Conference Proceeding Series
BT - Proceedings of the 2010 International Conference on Extending Database Technology/International Conference on Database Theory, EDBT/ICDT 2010
T2 - 2010 International Conference on Extending Database Technology/International Conference on Database Theory, EDBT/ICDT 2010
Y2 - 22 March 2010 through 22 March 2010
ER -