Greg Hellings

Learn More
Network data needs to be shared for distributed security analysis. Anonymization of network data for sharing sets up a fundamental tradeoff between privacy protection versus security analysis capability. This privacy/analysis tradeoff has been acknowledged by many researchers but this is the first paper to provide empirical measurements to characterize the(More)
To promote sharing of packet traces across security domains we introduce SCRUB-tcpdump, a tool that adds multi-field multi-option anonymization to tcpdump functionality. Experimental results show how SCRUB-tcpdump provides flexibility to balance the often conflicting requirements for privacy protection versus security analysis. Specifically, we demonstrate(More)
Network data needs to be shared for distributed security analysis. Anonymization of network data for sharing sets up a fundamental tradeoff between privacy protection versus security analysis capability. This privacy/analysis tradeoff has been acknowledged by many researchers but this is the first paper to provide empirical measurements to characterize the(More)
Sharing of network data between organizations is desperately needed as attackers bounce between targets in different security domains and launch attacks across security domains. Anonymization to protect private/sensitive information has emerged as a promising approach to sharing network data between security domains. However, a fundamental tradeoff exists(More)
Sharing data between organization is important aspect of network protection that is not currently occurring since it is unsafe. This talk is about a suite of tools that can be used to "scrub" data (using anonymization) so it can be safely shared. SCRUB* is an infrastructure because all the tools use the same anonymization algorithms for seamless sharing(More)
Anonymization provides a mechanism for sharing data while obscuring private/sensitive values within the shared data. However, anonymization for sharing also sets up a fundamental tradeoff – the stronger the anonymization protection, the less information remains for analysis. This privacy/analysis tradeoff has been descriptively acknowledged by many(More)
  • 1