Greg Hellings

Learn More
—To promote sharing of packet traces across security domains we introduce SCRUB-tcpdump, a tool that adds multi-field multi-option anonymization to tcpdump functionality. Experimental results show how SCRUB-tcpdump provides flexibility to balance the often conflicting requirements for privacy protection versus security analysis. Specifically, we demonstrate(More)
up a fundamental tradeoff between privacy protection versus security analysis capability. This privacy/analysis tradeoff has been acknowledged by many researchers but this is the first paper to provide empirical measurements to characterize the privacy/analysis tradeoff for an enterprise dataset. Specifically we perform anonymization options on(More)
Network data needs to be shared for distributed security analysis. Anonymization of network data for sharing sets up a fundamental tradeoff between privacy protection versus security analysis capability. This privacy/analysis tradeoff has been acknowledged by many researchers but this is the first paper to provide empirical measurements to characterize the(More)
Anonymization provides a mechanism for sharing data while obscuring private/sensitive values within the shared data. However, anonymization for sharing also sets up a fundamental tradeoff – the stronger the anonymization protection, the less information remains for analysis. This privacy/analysis tradeoff has been descriptively acknowledged by many(More)
— Sharing of network data between organizations is desperately needed as attackers bounce between targets in different security domains and launch attacks across security domains. Anonymization to protect private/sensitive information has emerged as a promising approach to sharing network data between security domains. However, a fundamental tradeoff exists(More)
  • 1