Privacy preserving of IP address through truncation method in network-based intrusion detection system

Yee Jian Chew, Shih Yin Ooi, Kok Seng Wong, Ying Han Pang

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Network-based Intrusion Detection System (IDS) has been gaining wide attention from the research community over the past decades. While having a precise classification model for separating normal and malicious network traffic still remains the ultimate goal, the privacy protection of network traffic databases cannot be ignored either. The impetuous ignorance of database privacy will continue to restrain governments, organisations and individuals from releasing real and ontological network traces. The common solution to tackle this matter is anonymising the database through a statistical approach. Anonymising can refer to masking, hiding or removing certain sensitive information from the database. Thus, this will subsequently result in information loss. In this paper, a truncation method is explored to preserve the sensitive information of the network traffic database (i.e. IP addresses). The truncated database is then tested with 10 machine learning classifiers from Weka. We tested four different options of IP address truncation against the 6 percent of the GureKDDCup dataset.

Original language: English
Title of host publication: ACM International Conference Proceeding Series
Publisher: Association for Computing Machinery
Pages: 569-573
Number of pages: 5
ISBN (Print): 9781450365734
DOIs: https://doi.org/10.1145/3316615.3316626
Publication status: Published - Jan 1 2019
Event: 8th International Conference on Software and Computer Applications, ICSCA 2019 - Penang, Malaysia
Duration: Feb 19 2019 → Feb 21 2019

Publication series

Name: ACM International Conference Proceeding Series
Volume: Part F147956

Conference

Conference: 8th International Conference on Software and Computer Applications, ICSCA 2019
Country: Malaysia
City: Penang
Period: 2/19/19 → 2/21/19

Fingerprint

Intrusion detection
Learning systems
Classifiers

Keywords

  • GureKDDCup
  • Intrusion detection system (IDS)
  • IP address truncation
  • Machine learning
  • Privacy
  • Weka

ASJC Scopus subject areas

  • Human-Computer Interaction
  • Computer Networks and Communications
  • Computer Vision and Pattern Recognition
  • Software

Cite this

Chew, Y. J., Ooi, S. Y., Wong, K. S., & Pang, Y. H. (2019). Privacy preserving of IP address through truncation method in network-based intrusion detection system. In ACM International Conference Proceeding Series (pp. 569-573). (ACM International Conference Proceeding Series; Vol. Part F147956). Association for Computing Machinery. https://doi.org/10.1145/3316615.3316626
