Journal
IEEE TRANSACTIONS ON SIGNAL PROCESSING
Volume 61, Issue 23, Pages 6010-6019Publisher
IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
DOI: 10.1109/TSP.2013.2282911
Keywords
Hidden Markov model; multi-observer; network security; privacy preserving
Categories
Ask authors/readers for more resources
Detection of malicious traffic and network health problems would be much easier if Internet Service Providers (ISPs) shared their data. Unfortunately, they are reluctant to share because doing so would either violate privacy legislation or expose business secrets. Secure distributed computation allows calculations to be made using private data and provides an ideal mechanism for ISPs to share their data. This paper presents such a method, allowing multiple parties to jointly infer a Hidden Markov Model (HMM) for network traffic, which can then be used to detect anomalies. We extend prior work on HMMs in network security to include observations from multiple ISPs and develop secure protocols to infer the model parameters without revealing the private data. We implemented a prototype of the protocols and have tested our implementation on simulated data of realistic network attack models. The experiments show that our protocols have small computation and communication overheads. The protocols therefore are suitable for adoption by ISPs.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available