English

Privacy-Friendly Collaboration for Cyber Threat Mitigation

Cryptography and Security 2017-03-02 v4 Networking and Internet Architecture

Abstract

Sharing of security data across organizational boundaries has often been advocated as a promising way to enhance cyber threat mitigation. However, collaborative security faces a number of important challenges, including privacy, trust, and liability concerns with the potential disclosure of sensitive data. In this paper, we focus on data sharing for predictive blacklisting, i.e., forecasting attack sources based on past attack information. We propose a novel privacy-enhanced data sharing approach in which organizations estimate collaboration benefits without disclosing their datasets, organize into coalitions of allied organizations, and securely share data within these coalitions. We study how different partner selection strategies affect prediction accuracy by experimenting on a real-world dataset of 2 billion IP addresses and observe up to a 105% prediction improvement.

Keywords

Cite

@article{arxiv.1403.2123,
  title  = {Privacy-Friendly Collaboration for Cyber Threat Mitigation},
  author = {Julien Freudiger and Emiliano De Cristofaro and Alex Brito},
  journal= {arXiv preprint arXiv:1403.2123},
  year   = {2017}
}

Comments

This paper has been withdrawn as it has been superseded by arXiv:1502.05337

R2 v1 2026-06-22T03:23:14.293Z