Protection of personal data in security alert sharing platforms

Stupka, Václav; Horák, Martin; Husák, Martin

doi:10.1145/3098954.3105822

Cited by 8 publications

(6 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Another problem may arise if the method would be used to evaluate IP addresses that have not been detected as malicious (yet), which is theoretically possible and may lead to non-zero FMP scores thanks to the "prefix" features and other data not derived from previous alerts of the IP. In such a case, one can run into legal issues, since such activity can be seen as "profiling," and performing some actions, such as blocking traffic, based on it might be illegal in some jurisdictions, such as EU's GDPR [41].…”

Section: Discussionmentioning

confidence: 99%

“…An interesting non-technical issue is a risk associated with processing private information. There is a risk in profiling [41]. The risk may be a concern for the first two methods; the third method is not processing network entities.…”

Section: Comparison and Discussionmentioning

confidence: 99%

“…For example, if it shares similar characteristics with malicious actors. Limiting access to the defended system from such a network entity would cross the law [41].…”

Section: Comparison and Discussionmentioning

confidence: 99%

See 2 more Smart Citations

Predictive methods in cyber defense: Current experience and research challenges

Husák

Bartoš

Sokol

et al. 2021

Future Generation Computer Systems

Self Cite

View full text Add to dashboard Cite

Section: Discussionmentioning

confidence: 99%

Section: Comparison and Discussionmentioning

confidence: 99%

See 1 more Smart Citation

Predictive methods in cyber defense: Current experience and research challenges

Husák

Bartoš

Sokol

et al. 2021

Future Generation Computer Systems

Self Cite

View full text Add to dashboard Cite

“…GDPR states that IP addresses and other identifiers, which are shared within the SABU platform, are personal data. Thus, we found a way to comply with the law by identifying risks to privacy [8] and conducting a balance test that showed that the benefits of information sharing in cyber security are higher than risks of harm to privacy [9].…”

Section: Perception Level: Intrusion Detectionmentioning

confidence: 99%

Predictions of Network Attacks in Collaborative Environment

Husák

Čeleda

2020

NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium

View full text Add to dashboard Cite

This paper is a digest of the thesis on predicting cyber attacks in a collaborative environment. While previous works mostly focused on predicting attacks as seen from a single observation point, we proposed taking advantage of collaboration and exchange of intrusion detection alerts among organizations and networks. Thus, we can observe the cyber attack on a large scale and predict the next action of an adversary and its target. The thesis follows the three levels of cyber situational awareness: perception, comprehension, and projection. In the perception phase, we discuss the improvements of intrusion detection systems that allow for sharing intrusion detection alerts and their correlation. In the comprehension phase, we employed data mining to discover frequent attack patterns. In the projection phase, we present the analytical framework for the predictive analysis of the alerts backed by data mining and contemporary data processing approaches. The results are shown from experimental evaluation in the security alert sharing platform SABU, where real-world alerts from Czech academic and commercial networks are shared. The thesis is accompanied by the implementation of the analytical framework and a dataset that provides a baseline for future work.

show abstract

“…Replacing a "Directive" by a "Regulation" makes it applicable in all EU member states without the need of approval as national legislation and allows for harmonization of rules within the European Union (Stupka et al, 2017).…”

Section: Introductionmentioning

confidence: 99%

GDPR Compliance in SMEs: There is much to be done

Freitas

Silva

2018

Journal of Information Systems Engineering & Management

View full text Add to dashboard Cite

The obligatory adaptation of Organizations to the General Data Protection Regulation (EU) 2016/679 (GDPR), will imply a set of legal, technological and functional changes, with a direct impact on the daily life of Organizations as a result of their increased responsibility with data protection subjects that has been reinforced by the new legislation. On the other hand, the transfer of responsibilities from the national authorities to the Organizations obliges them to prove, at all times, full compliance with the legislation. Organizations are subject to heavy fines when a non-compliance is detected. This new reality is a challenge for any Organization, and in particular for small and medium-sized enterprises (SMEs), which have fewer human and financial resources to carry out the necessary measures to comply with legislation. In order to know how SMEs are preparing themselves, we have conducted face-to-face interviews with ten industrial SMEs. The main conclusion is that, given these companies' lack of awareness of their obligations and duties in relation to Personal Data Protection, it is urgent to define a methodology to be able to comply with GDPR.

show abstract

Protection of personal data in security alert sharing platforms

Abstract: In order to ensure con dentiality, integrity and availability (so called CIA triad) of data within network infrastructure, it is necessary to be able to detect and handle cyber security incidents. For this purpose,

Cited by 8 publications

References 15 publications

Predictive methods in cyber defense: Current experience and research challenges

Predictive methods in cyber defense: Current experience and research challenges

Predictions of Network Attacks in Collaborative Environment

GDPR Compliance in SMEs: There is much to be done

Contact Info

Product

Resources

About