Real Transmission Control Protocol synchronise (TCP SYN) packet counts availability will be of great benefit in anomaly detection. TCP SYN packet counts can beused for training intrusion detection system to detect a denial of service attack called TCP SYN flooding. However, there are privacy and legal issues that limit the direct release of such data to the public. This work aims at providing differentially private TCP SYN packet counts. Utility evaluation indicates that the differentially private counts can be used to make inferences at certain thresholds of the anomaly based detection algorithm with minimum information loss while preserving privacy.
Reference:
Mkuzangwe, N.N.P. and Nelwamondo, F.V. 2019. Differentially private transmission control protocol synchronise packet counts. International Journal of Network Security, v21(5), pp 835-842
Mkuzangwe, N. N., & Nelwamondo, F. V. (2019). Differentially private transmission control protocol synchronise packet counts. http://hdl.handle.net/10204/11317
Mkuzangwe, Nenekazi NP, and Fulufhelo V Nelwamondo "Differentially private transmission control protocol synchronise packet counts." (2019) http://hdl.handle.net/10204/11317
Copyright: 2019 International Journal of Network Security. Due to copyright restrictions, the attached PDF file only contains the abstract of the full text item. For access to the full text item, kindly consult the publisher's website.