GGrantIndex
← Search

CT-ISG: Computer Log Anonymization and Information Sharing

$400,000FY2005CSENSF

University Of Illinois At Urbana-Champaign, Urbana IL

Investigators

Abstract

Proposal ID: 0524643 Title: CT-ISG: Computer Log Anonymization and Information Sharing PI: Adam Slagell To make computer and network log anonymization most useful, solutions must be customizable. Current tools are inflexible and do not support more than a single type of log. This, in turn, has inhibited log sharing, making the detection and response to modern, distributed and coordinated attacks more difficult. The main goal of this project is to create an anonymization framework that allows users to choose from multiple levels of anonymization that make different trade-offs between information loss and the protection of sensitive logging information. This research accomplishes this by addressing the following 5 research problems: (1) create a classification of logs by the types of security events that can be detected, (2) create a metric of utility based upon the different fields within a set of logs, (3) determine how different anonymization algorithms affect this metric, (4) determine how the choice of anonymization algorithms affects the strength of the anonymization scheme itself, and (5) create an architecture that provides multi-level anonymization for logs while optimizing the log utility metric for a given security requirement. The results of this research project will remove barriers that have prevented many organizations from sharing logs, thus making it more likely to detect and understand broad and coordinated attacks.

View original record on NSF Award Search →