Collaboration across network boundaries would substantially strengthen network defense by enabling collaborative intrusion/anomaly detection and root-cause analysis. Unfortunately, privacy concerns largely prevent collaboration in multi-domain networking. Data protection legislation makes data sharing illegal in certain cases, especially if PII (personally identifying information) is involved. Even if it were legal, sharing sensitive network internals might actually reduce security if the data fall into the wrong hands.
We discuss the need for cooperation in network security and potential solutions for the associated privacy problems in a series of articles in the CSG blog:
Why Next-Generation Internet Security Requires Collaboration
Are we "blind men" observing the "Internet elephant"? This article argues that collaboration is beneficial for network measurement in general and network security in particular.
Setbacks on the Road to Collaborative Network Security
A seemingly easy solution for the privacy problems with network data is anonymization. Many tools and frameworks have been developed and are ready for deployment. But is it really safe to share anonymized data? And how does anonymization affect data quality?
Enabling Cooperative Network Security with MPC
Instead of further tuning the ill-fated privacy-utility tradeoff for anonymization, we set ourselves a very ambitious goal:
- No compromise on privacy!
- No compromise on utility!
Collaborative Network Troubleshooting in Practice
In this article we report on our experiences from applying MPC protocols developed with SEPIA to real network traces of six SWITCH customers. We show how these protocols enable the collaborative monitoring of network state as well as the detection and analysis of distributed anomalies, without leaking sensitive local information.