Privacy-Preserving Analysis of Forensics Logs for Intrusion Detection

  • Fraz Ahmad

Student thesis: Master's Dissertation

Abstract

To address the increasing concern of privacy in the context of intrusion detection, privacy-preserving data analysis techniques have become indispensable. These techniques aim to ensure that sensitive information within forensics logs is protected while still allowing for effective intrusion detection. By employing methods such as anonymization, differential privacy, and encryption, it is possible to analyze forensics logs in a secure and privacy-preserving manner. This approach not only safeguards the privacy of individuals and organizations but also enhances the trustworthiness of the intrusion detection process. Differential privacy has emerged as a vital solution to the challenge of preserving privacy in data analysis. Leveraging differential privacy, we propose a methodology that balances the trade-off between data utility and privacy. Our approach employs a hierarchical subnet decomposition to structure IP address space, allowing for efficient data analysis without compromising individual privacy. Through the application of proportional and geometric budget allocation methods, we tailor the privacy budget and query optimization to enhance the accuracy of query results, reducing average relative error. The experimental evaluation, conducted on a risk-based authentication (RBA) dataset, demonstrates our approach's effectiveness in maintaining data utility while adhering to privacy constraints.
Date of Award: 2024
Original language: American English
Awarding Institution
  • HBKU College of Science and Engineering

Keywords

  • Cybersecurity
  • Data Privacy
  • Differential privacy
  • Forensics
  • Privacy-Preserving Analysis
  • RBA
