To access the full text documents, please follow this link: http://hdl.handle.net/2117/176093
dc.contributor | Universitat Politècnica de Catalunya. Doctorat en Enginyeria Telemàtica |
---|---|
dc.contributor | Universitat Politècnica de Catalunya. Departament d'Enginyeria Telemàtica |
dc.contributor | Universitat Politècnica de Catalunya. SISCOM - Smart Services for Information Systems and Communication Networks |
dc.contributor.author | Rodríguez Hoyos, Ana Fernanda |
dc.contributor.author | Estrada Jiménez, José Antonio |
dc.contributor.author | Rebollo-Monedero, David |
dc.contributor.author | Forné Muñoz, Jorge |
dc.contributor.author | Trapero Burgos, Rubén |
dc.contributor.author | Álvarez Romero, Antonio |
dc.date | 2019 |
dc.identifier.citation | Rodríguez-Hoyos, A. [et al.]. Anonymizing cybersecurity data in critical infrastructures: the CIPSEC approach. A: International Conference on Information Systems for Crisis Response and Management. "ISCRAM 2019: 16th International Conference on Information Systems for Crisis Response and Management: conference proceedings: Valencia (Spain): May 19-22". ISCRAM, 2019, p. 1198-1208. |
dc.identifier.citation | 978-84-09-10498-7 |
dc.identifier.uri | http://hdl.handle.net/2117/176093 |
dc.description.abstract | Cybersecurity logs are permanently generated by network devices to describe security incidents. With modern computing technology, such logs can be exploited to counter threats in real time or before they gain a foothold. To improve these capabilities, logs are usually shared with external entities. However, since cybersecurity logs might contain sensitive data, serious privacy concerns arise, even more when critical infrastructures (CI), handling strategic data, are involved. We propose a tool to protect privacy by anonymizing sensitive data included in cybersecurity logs. We implement anonymization mechanisms grouped through the definition of a privacy policy. We adapt said approach to the context of the EU project CIPSEC that builds a unified security framework to orchestrate security products, thus offering better protection to a group of CIs. Since this framework collects and processes security-related data from multiple devices of CIs, our work is devoted to protecting privacy by integrating our anonymization approach. |
dc.description.abstract | Peer Reviewed |
dc.language.iso | eng |
dc.publisher | ISCRAM |
dc.relation | http://idl.iscram.org/files/anarodriguez-hoyos/2019/1934_AnaRodriguez-Hoyos_etal2019.pdf |
dc.relation | info:eu-repo/grantAgreement/EC/H2020/700378/EU/Enhancing Critical Infrastructure Protection with innovative SECurity framework/CIPSEC |
dc.relation | info:eu-repo/grantAgreement/ES/1PE/TEC2014-54335-C4-1-R |
dc.relation | info:eu-repo/grantAgreement/AEI/2PE/TEC2017-84197-C4-3-R |
dc.rights | Attribution-NonCommercial-NoDerivs 3.0 Spain |
dc.rights | info:eu-repo/semantics/openAccess |
dc.rights | http://creativecommons.org/licenses/by-nc-nd/3.0/es/ |
dc.subject | Àrees temàtiques de la UPC::Informàtica::Seguretat informàtica |
dc.subject | Computer security |
dc.subject | Privacy |
dc.subject | Critical infrastructures |
dc.subject | Data anonymization |
dc.subject | CIPSEC |
dc.subject | Security logs |
dc.subject | Seguretat informàtica |
dc.title | Anonymizing cybersecurity data in critical infrastructures: the CIPSEC approach |
dc.type | info:eu-repo/semantics/publishedVersion |
dc.type | info:eu-repo/semantics/conferenceObject |