论文信息 - Anonymizing Cybersecurity Data in Critical Infrastructures: The CIPSEC Approach

Anonymizing Cybersecurity Data in Critical Infrastructures: The CIPSEC Approach

Cybersecurity logs are permanently generated by network devices to describe security incidents. With modern computing technology, such logs can be exploited to counter threats in real time or before they gain a foothold. To improve these capabilities, logs are usually shared with external entities. However, since cybersecurity logs might contain sensitive data, serious privacy concerns arise, even more when critical infrastructures (CI), handling strategic data, are involved. We propose a tool to protect privacy by anonymizing sensitive data included in cybersecurity logs. We implement anonymization mechanisms grouped through the definition of a privacy policy. We adapt said approach to the context of the EU project CIPSEC that builds a unified security framework to orchestrate security products, thus offering better protection to a group of CIs. Since this framework collects and processes security-related data from multiple devices of CIs, our work is devoted to protecting privacy by integrating our anonymization approach.

[1] Mukesh K. Mohania,et al. Efficient techniques for document sanitization , 2008, CIKM '08.

[2] B. Obama. Presidential Policy Directive 21: Critical Infrastructure Security and Resilience , 2013 .

[3] David Sánchez,et al. C‐sanitized: A privacy model for document redaction and sanitization , 2014, J. Assoc. Inf. Sci. Technol..

[4] David Sánchez,et al. Minimizing the disclosure risk of semantic correlations in document sanitization , 2013, Inf. Sci..

[5] David Sánchez,et al. Utility-preserving sanitization of semantically correlated terms in textual documents , 2014, Inf. Sci..