Article

Distance-preserving pseudonymization for timestamps and spatial data

Author:

Florian KerschbaumAuthors Info & Claims

WPES '07: Proceedings of the 2007 ACM workshop on Privacy in electronic society

Pages 68 - 71

https://doi.org/10.1145/1314333.1314346

Published: 29 October 2007 Publication History

Abstract

The need for privacy in intrusion detection data, such as audit logs is widely recognized. The prevalent method for privacy protection in audit logs is pseudonymization (and suppression). There is a clear trade-off between the privacy of a pseudonymization technique and its utility for intrusion detection. E.g., for IP addresses a method for prefix preserving pseudonymization has been developed, that allows pseudonymized IP addresses to be still grouped into subnets. This paper describes a pseudonymization technique for timestamps that is distance preserving. I.e. given two pseudonymized timestamps one can compute the distance δ, if d is below or equal to an agreed threshold d and one cannot compute δif δ = 2d. We extend our technique for two dimensional spatial data, e.g. location of objects or persons. We also evaluate the privacy any such distance-preserving technique can provide for timestamps theoretically and on real-world log data.

References

[1]

T. Bass. Intrusion detection systems and multisensor data fusion. Communications of the ACM, 43(4), 2000.

Digital Library

[2]

J. Biskup, and U. Flegel. Threshold-based Identity Recovery for Privay Enhanced Applications. Proceedings of the 7th International ACM Conference on Computer and Communications Security, 2000.

Digital Library

[3]

T. Brekne, and A. Årnes. Circumventing IP-Address Pseudonymization. Proceedings of the 3rd IASTED International Conference on Communications and Computer Networks, 2005.

[4]

G. Davida, Y. Frankel, and B. Matt. On Enabling Secure Applications Through Off-Line Biometric Identification. Proceedings of the IEEE Symposium on Security and Privacy, 1998.

[5]

U. Flegel, and J. Biskup. Requirements of Information Reductions for Cooperating Intrusion Detection Agents. Proceedings of the International Conference on Emerging Trends in Information and Communication Security, 2006.

Digital Library

[6]

M. Huang, R. Jasper, and T. Wicks. A large scale distributed intrusion detection framework based on attack strategy analysis. Computer Networks, 31(23--24), 1999.

Digital Library

[7]

A. Juels, and M. Wattenberg. A fuzzy commitment scheme. Proceedings of the 6th ACM conference on Computer and communications security, 1999.

Digital Library

[8]

A. Lee, P. Tabriz, and N. Borisov. A Privacy-Preserving Interdomain Audit Framework. Proceedings of the Workshop On Privacy In The Electronic Society, 2006.

Digital Library

[9]

P. Lincoln, P. Porras, and V. Shmatikov. Privacy-Preserving Sharing and Correlation of Security Alerts. Proceedings of the 13th USENIX Security Symposium, 2004.

Digital Library

[10]

E. Lundin, and E. Jonnson. Privacy vs. Intrusion Detection Analysis. Proceedings of International Symposium on Recent Advances in Intrusion Detection, 1999.

[11]

A. Menezes, P. van Oorschot, and S. Vanstone. Handbook of Applied Cryptography. CRC Press, 1996.

Digital Library

[12]

R. Pang, and V. Paxson. A high-level programming environment for packet trace anonymization and transformation. Proceedings of the ACM Conference on Applications, technologies, architectures, and protocols for computer communications, 2003.

Digital Library

[13]

M. Sobirey, S. Fischer-Hübner, and K. Rannenburg. Pseudonymous audit for privacy enhanced intrusion detection. Proceedings of the 13th IFIP International Conference on Information Security (SEC), 1997.

Digital Library

[14]

A. Slagell, and W. Yurcik. Sharing Computer Network Logs for Security and Privacy: A Motivation for New Methodologies of Anonymization. Proceedings of the Workshop on the Value of Security through Collaboration, 2005.

[15]

B. Waters, D. Balfanz, G. Durfee, and D. K. Smetters. Building an Encrypted and Searchable Audit Log. Proceedings of the Internet Society Network Distributed Systems Symposium, 2004.

[16]

J. Xu, J. Fan, M. Ammar, and S. Moon. Prefix-Preserving IP Address Anonymization: Measurement-Based Security Evaluation and a New Cryptography-Based Scheme. Proceedings of the 10th IEEE International Conference on Network Protocols, 2002.

Digital Library

[17]

D. Xu, and P. Ning. Privacy-Preserving Alert Correlation: A Concept Hierarchy Based Approach. Proceedings of the 21st Annual Computer Security Applications Conference, 2005.

Digital Library

[18]

J. Zhang, N. Borisov, and W. Yurcik. Outsourcing Security Analysis with Anonymized Logs. Proceedings of the Workshop on the Value of Security through Collaboration, 2006.

Cited By

Han SShen KShen DWang C(2024)Enhanced Multi-Party Privacy-Preserving Record Linkage Using Trusted Execution EnvironmentsMathematics10.3390/math1215233712:15(2337)Online publication date: 26-Jul-2024
https://doi.org/10.3390/math12152337
He XWei HHan SShen D(2022)Multi-party Privacy-Preserving Record Linkage Method Based on Trusted Execution EnvironmentWeb Information Systems and Applications10.1007/978-3-031-20309-1_52(591-602)Online publication date: 8-Dec-2022
https://doi.org/10.1007/978-3-031-20309-1_52
Schnell RKlingwort JFarrow J(2021)Locational privacy-preserving distance computations with intersecting sets of randomly labeled grid pointsInternational Journal of Health Geographics10.1186/s12942-021-00268-y20:1Online publication date: 20-Mar-2021
https://doi.org/10.1186/s12942-021-00268-y
Show More Cited By

Index Terms

Distance-preserving pseudonymization for timestamps and spatial data
1. Security and privacy
  1. Cryptography
  2. Systems security
    1. Operating systems security
2. Software and its engineering
  1. Software organization and properties
    1. Software system structures
      1. Distributed systems organizing principles
        Organizing principles for web applications

Recommendations

An evaluation of technologies for the pseudonymization of medical data
SAC '09: Proceedings of the 2009 ACM symposium on Applied Computing

Privacy is one of the fundamental issues in health care today. Although, it is a fundamental right of every individual to demand privacy and a variety of laws were enacted that demand the protection of patients' privacy, approaches for protecting ...
LiDSec- A Lightweight Pseudonymization Approach for Privacy-Preserving Publishing of Textual Personal Information
ARES '11: Proceedings of the 2011 Sixth International Conference on Availability, Reliability and Security

Sharing personal information benefits both data providers and data consumers in many ways. Recent advances in sensor networks and personal archives enable users to record personal information including emails, social networking activities, or life ...
Utility Requirement Description for Utility-Preserving and Privacy-Respecting Data Pseudonymization
Trust, Privacy and Security in Digital Business
Abstract
Many of the existing pseudonymization techniques aim at preserving the use-case specific utility of the data. However, retracing under which condition a utility is present in pseudonymized data is hard. Therefore, specifying and applying ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

WPES '07: Proceedings of the 2007 ACM workshop on Privacy in electronic society

October 2007

116 pages

ISBN:9781595938831

DOI:10.1145/1314333

General Chair:
Peng Ning
North Carolina State University, USA
,
Program Chair:
Ting Yu
North Carolina State University, USA

Copyright © 2007 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 29 October 2007

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

CCS07

Sponsor:

CCS07: 14th ACM Conference on Computer and Communications Security 2007

October 29, 2007

Virginia, Alexandria, USA

Acceptance Rates

Overall Acceptance Rate 106 of 355 submissions, 30%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

13
Total Citations
View Citations
257
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)0

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Han SShen KShen DWang C(2024)Enhanced Multi-Party Privacy-Preserving Record Linkage Using Trusted Execution EnvironmentsMathematics10.3390/math1215233712:15(2337)Online publication date: 26-Jul-2024
https://doi.org/10.3390/math12152337
He XWei HHan SShen D(2022)Multi-party Privacy-Preserving Record Linkage Method Based on Trusted Execution EnvironmentWeb Information Systems and Applications10.1007/978-3-031-20309-1_52(591-602)Online publication date: 8-Dec-2022
https://doi.org/10.1007/978-3-031-20309-1_52
Schnell RKlingwort JFarrow J(2021)Locational privacy-preserving distance computations with intersecting sets of randomly labeled grid pointsInternational Journal of Health Geographics10.1186/s12942-021-00268-y20:1Online publication date: 20-Mar-2021
https://doi.org/10.1186/s12942-021-00268-y
Gkoulalas-Divanis AVatsalan DKarapiperis DKantarcioglu M(2021)Modern Privacy-Preserving Record Linkage Techniques: An OverviewIEEE Transactions on Information Forensics and Security10.1109/TIFS.2021.311402616(4966-4987)Online publication date: 2021
https://doi.org/10.1109/TIFS.2021.3114026
Becher SGerl AMeier BBölz F(2020)Big Picture on Privacy Enhancing Technologies in e-Health: A Holistic Personal Privacy WorkflowInformation10.3390/info1107035611:7(356)Online publication date: 8-Jul-2020
https://doi.org/10.3390/info11070356
Burkert CFederrath H(2019)Towards Minimising Timestamp Usage In Application SoftwareData Privacy Management, Cryptocurrencies and Blockchain Technology10.1007/978-3-030-31500-9_9(138-155)Online publication date: 20-Sep-2019
https://doi.org/10.1007/978-3-030-31500-9_9
Karapiperis DGkoulalas-Divanis AVerykios V(2018)FEDERAL: A Framework for Distance-Aware Privacy-Preserving Record LinkageIEEE Transactions on Knowledge and Data Engineering10.1109/TKDE.2017.276175930:2(292-304)Online publication date: 1-Feb-2018
https://doi.org/10.1109/TKDE.2017.2761759
Bagai RMalik NJadliwala M(2017)Measuring Anonymity of Pseudonymized Data After Probabilistic Background AttacksIEEE Transactions on Information Forensics and Security10.1109/TIFS.2017.265645812:5(1156-1169)Online publication date: May-2017
https://doi.org/10.1109/TIFS.2017.2656458
Kroll MSchnell R(2016)Anonymisation of geographical distance matrices via Lipschitz embeddingInternational Journal of Health Geographics10.1186/s12942-015-0031-715:1Online publication date: 7-Jan-2016
https://doi.org/10.1186/s12942-015-0031-7
De Capitani di Vimercati SForesti SJajodia SParaboschi SSamarati P(2015)Integrity for Approximate Joins on Untrusted Computational ServersICT Systems Security and Privacy Protection10.1007/978-3-319-18467-8_30(446-459)Online publication date: 9-May-2015
https://doi.org/10.1007/978-3-319-18467-8_30
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten