minimal privacy violation Research project nr. 2 presentation Niels - - PowerPoint PPT Presentation

SLIDE 1

Online event registration with minimal privacy violation

Research project nr. 2 – presentation Niels van Dijkhuizen

SLIDE 2

Introduction

SLIDE 3

Sharing captured network data

SLIDE 4

IDS rule

SLIDE 5

Privacy concerns

Image source: www.birminghamavs.com/tag/surveillance-cameras

SLIDE 6

Research Question

Is it possible to create a system that indicates network threats with minimal privacy violation?

SLIDE 7

Approach

SLIDE 8

Anonymisation example 1

SLIDE 9

Anonymisation example 1

SLIDE 10

Anonymisation example 1

SLIDE 11

Anonymisation example 2

SLIDE 12

Anonymisation example 2

SLIDE 13

Anonymisation example 2

SLIDE 14

Techniques and concepts

  • Anonymisation or Pseudonymisation?
  • Transformation primitives

Image source: www.open.edu/openlearn/society/the-white-mask

SLIDE 15

Inference attacks

  • Passive fingerprinting to infer objects and topology
  • Active Data injection attack (chosen plaintext)
  • Cryptographic attacks
  • Even PETs are not safe!

source: www.grumpycats.com

SLIDE 16

SLIDE 17

Requirements of the Anonymisation system

  • Full support for Link-, Internet- and Transport layers;
  • Features for application layer anonymisation;
  • Real time processing network streams.

SLIDE 18

State of current tools

SLIDE 19

Speed improvements [1]

  • Process parallelisation
  • GPU Accelerated Crypto
  • AES-NI, PadLock, etc.

Image source: www.nvidia.com

SLIDE 20

Speed improvements [2]

  • Special purpose capture cards
  • Programmable NICs and FPGAs
  • Random Number Generator
  • Inline data anonymisation / filtering

Image source: digilentinc.com/sume/

SLIDE 21

Suggestions

SLIDE 22

Plan

Needed steps:

1. Identify proto/apps;
2. Get statistics;
3. Identify threats;
4. Identify sensitive fields;
5. Build privacy and threat policies.

SLIDE 23

Network native way

[Diagram labels: Identification and classification; Anonymisation; Packets; Privacy policies; Threat rule-sets; Further conditional anonymisation; Alerts & Storage; IDS Detection Engine. Stages: Anonymiser; Intrusion Detection. Note: Unknown is discarded.]

SLIDE 24

White fielding

[Diagram labels: Identification and classification; Erase irrelevant fields; Packets; Privacy policies; Threat rule-sets; Alerts & Storage; Simplified IDS. Stages: Anonymiser; Intrusion Detection. Note: Unknown is discarded.]
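
The white-fielding flow named on this slide (classify, erase irrelevant fields, discard unknown traffic, then run a simplified IDS), as an added example that is not from the original presentation. The field names, policy, rule-set and sample records are constructed, and the keyed-hash pseudonym for `src_ip` is an assumed transformation primitive.

```python
import hashlib
import hmac

# Constructed privacy policy (assumption): per protocol, the fields kept
# verbatim and the fields replaced by a keyed pseudonym. All else is erased.
POLICY = {
    "http": {"keep": {"proto", "dst_port", "method", "uri"}, "pseudo": {"src_ip"}},
    "dns": {"keep": {"proto", "dst_port", "qname"}, "pseudo": {"src_ip"}},
}
# Constructed threat rule-set (assumption): (protocol, field, substring).
RULES = [("http", "uri", "/etc/passwd"), ("dns", "qname", ".badzone.example")]

# Constructed parsed-packet records; addresses are documentation ranges.
SAMPLE = [
    {"proto": "http", "src_ip": "192.0.2.10", "dst_port": 80, "method": "GET",
     "uri": "/../../etc/passwd", "cookie": "session=abc123"},
    {"proto": "dns", "src_ip": "192.0.2.10", "dst_port": 53,
     "qname": "www.example.org", "txid": 4711},
    {"proto": "smtp", "src_ip": "192.0.2.11", "rcpt": "alice@example.org"},
]

def pseudonym(value, key):
    """Keyed hash: stable per key, so alerts can be correlated per host."""
    return hmac.new(key, str(value).encode(), hashlib.sha256).hexdigest()[:16]

def white_field(record, key):
    """Return the record reduced to policy fields, or None if unclassified."""
    policy = POLICY.get(record.get("proto"))
    if policy is None:
        return None  # unknown is discarded
    out = {}
    for name, value in record.items():
        if name in policy["keep"]:
            out[name] = value
        elif name in policy["pseudo"]:
            out[name] = pseudonym(value, key)
    return out

def pipeline(records, key):
    """Anonymise first, then match rules only on the fields that survived."""
    stored, alerts = [], []
    for clean in filter(None, (white_field(r, key) for r in records)):
        stored.append(clean)
        for proto, field, needle in RULES:
            if clean["proto"] == proto and needle in str(clean.get(field, "")):
                alerts.append((clean.get("src_ip"), proto, field, needle))
    return stored, alerts
```

Because detection runs after erasure, a rule can only match fields the privacy policy keeps, so the two policies have to be built together.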

SLIDE 25

Conclusions

SLIDE 26

Conclusions [1]

It is possible to anonymise network traces to a certain extent and keep some of the usefulness for threat detection

Image source: www.justice-for-families.org.uk/

SLIDE 27

Conclusions [2]

  • Do not share complete datasets;
  • Only specific new threat-related parts;
  • Maturity of frameworks:
      • Primitive enhancements;
      • Improving of parsing;
      • Speed / Scalability.

SLIDE 28
SLIDE 29

Acknowledgement

SLIDE 30