Cyber-security research by ISPs: A NetFlow and DNS Anonymization Policy

Publikation: Bidrag til bog/antologi/rapport/konference proceedingKonferenceartikel i proceedingForskningpeer review

Abstrakt

Internet Service Providers (ISPs) have an economic and operational interest in detecting malicious network activity relating to their subscribers. However, it is unclear what kind of traffic data an ISP has available for cyber-security research, and under which legal conditions it can be used. This paper gives an overview of the challenges posed by legislation and of the data sources available to a European ISP. DNS and NetFlow logs are identified as relevant data sources and the state of the art in anonymization and fingerprinting techniques is discussed. Based on legislation, data availability and privacy considerations, a practically applicable anonymization policy is presented.

OriginalsprogEngelsk
Titel2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security)
Antal sider8
ForlagIEEE
Publikationsdato2020
Artikelnummer9138869
ISBN (Trykt)978-1-7281-6429-8
ISBN (Elektronisk)978-1-7281-6428-1
DOI
StatusUdgivet - 2020
Begivenhed 2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security) - Dublin, Irland
Varighed: 15 jun. 202019 jun. 2020

Konference

Konference 2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security)
LandIrland
ByDublin
Periode15/06/202019/06/2020

Fingeraftryk Dyk ned i forskningsemnerne om 'Cyber-security research by ISPs: A NetFlow and DNS Anonymization Policy'. Sammen danner de et unikt fingeraftryk.

  • Citationsformater

    Andersen, M. F., Pedersen, J. M., & Vasilomanolakis, E. (2020). Cyber-security research by ISPs: A NetFlow and DNS Anonymization Policy. I 2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security) [9138869] IEEE. https://doi.org/10.1109/CyberSecurity49315.2020.9138869