TY - GEN
T1 - Sharing of Network Flow Data across Organizations using Searchable Encryption
AU - Florea, Iulia Maria
AU - Ghinita, Gabriel
AU - Rughinis, Razvan
N1 - Publisher Copyright: © 2021 IEEE.
PY - 2021/5
Y1 - 2021/5
AB - Given that an increasingly larger part of an organization's activity is taking place online, especially in the current situation caused by the COVID-19 pandemic, network log data collected by organizations contain an accurate image of daily activity patterns. In some scenarios, it may be useful to share such data with other parties in order to improve collaboration, or to address situations such as cyber-security incidents that may affect multiple organizations. However, in doing so, serious privacy concerns emerge. One can uncover a lot of sensitive information when analyzing an organization's network logs, ranging from confidential business interests to personal details of individual employees (e.g., medical conditions, political orientation, etc.). Our objective is to enable organizations to share information about their network logs, while at the same time preserving data privacy. Specifically, we focus on enabling encrypted search at network flow granularity. We consider several state-of-the-art searchable encryption flavors for this purpose (including hidden vector encryption and inner product encryption), and we propose several customized encoding techniques for network flow information in order to reduce the overhead of applying state-of-the-art searchable encryption techniques, which are notoriously expensive.
KW - Hidden Vector Encryption
KW - Inner Product Encryption
KW - Predicate Based Encryption
KW - Searchable Encryption
UR - http://www.scopus.com/inward/record.url?scp=85112033956&partnerID=8YFLogxK
U2 - 10.1109/CSCS52396.2021.00038
DO - 10.1109/CSCS52396.2021.00038
M3 - Conference contribution
AN - SCOPUS:85112033956
T3 - Proceedings - 2021 23rd International Conference on Control Systems and Computer Science Technologies, CSCS 2021
SP - 189
EP - 196
BT - Proceedings - 2021 23rd International Conference on Control Systems and Computer Science Technologies, CSCS 2021
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 23rd International Conference on Control Systems and Computer Science Technologies, CSCS 2021
Y2 - 26 May 2021 through 28 May 2021
ER -