Title :
Privacy Violation Classification of Snort Ruleset
Author :
Ulltveit-Moe, Nils ; Oleshchuk, Vladimir
Author_Institution :
Univ. of Agder, Kristiansand, Norway
Abstract :
It is important to analyse the privacy impact of Intrusion Detection System (IDS) rules, in order to understand and quantify the privacy-invasiveness of network monitoring services. The objective in this paper is to classify Snort rules according to the risk of privacy violations in the form of leaking sensitive or confidential material. The classification is based on a ruleset that formerly has been manually categorised according to our PRIvacy LEakage (PRILE) methodology. Such information can be useful both for privacy impact assessments and automated tests for detecting privacy violations. Information about potentially privacy violating rules can subsequently be used to tune the IDS rule sets, with the objective to minimise the expected amount of data privacy violations during normal operation. The paper suggests some classification tasks that can be useful both to improve the PRILE methodology and for privacy violation evaluation tools. Finally, two selected classification tasks are analysed by using a Nai¿ve Bayes classifier.
Keywords :
data privacy; Nai¿ve Bayes classifier; data privacy violations; intrusion detection system; network monitoring services; privacy leakage; privacy violation classification; privacy-invasiveness; snort ruleset; task classification; Automatic testing; Data analysis; Data mining; Data privacy; Data security; Intelligent networks; Intrusion detection; Monitoring; Relational databases; Streaming media; IDS; classification; privacy violation; rules;
Conference_Titel :
Parallel, Distributed and Network-Based Processing (PDP), 2010 18th Euromicro International Conference on
Conference_Location :
Pisa
Print_ISBN :
978-1-4244-5672-7
Electronic_ISBN :
1066-6192
DOI :
10.1109/PDP.2010.87
