Sharing data among organizations is essential in detecting attacks in computer networks. When this collaboration is done in the sectoral or international levels, there is no trusted entity, and the data analysis has to be done in a distributed manner. For organizations to agree to share the data, it should be ensured that no confidential data will be leaked. In addition, this data contains in many cases information of individual clients. For legal reasons and to retain clients’ trust, it is important that information on individuals doesn’t leak. To prevent such leakage, we want to provide differential privacy, which, informally, guarantees no information leakage.
We will build a firm theoretical foundations and an implementedinfrastructure that will serve as a basis for the construction of distributed collaborativeintrusion detection and prevention systems.
The main two tools that we will use are differentially private analyses and secure function evaluation. We will develop the scientific foundation that will enable using these tools to construct a system that provides privacy while making it possible to perform meaningful analyses. Lately, quite efficient implementations of secure function evaluation protocols have been constructed using various cryptographic tools. In addition, methods for constructing differentially private analyses have been developed. We will use these protocols and the methods that we will develop to construct a prototype of a distributed infrastructure for detecting and preventing attacks. To construct this system, we will need to design efficient secure protocols for new tasks.
Prof. Amos Beimel
Dr. Eran Omri
Dr. Amit Dvir
Current Ph.D. students:
Aner Ben Efraim
Post Doctoral researchers: Ilan Orlov