Privacy issues arise when data holders share their detected security data for correlation and analysis. This paper proposes an approach to correlate and analyze intrusion alerts while preserving privacy for alert holders. The raw intrusion alerts are protected by an improved k-anonymity model, which preserves the alert regularities inside the perturbed data records. Combining this privacy-preserving technique with the typical FP-tree association rule mining algorithm, the approach is able to balance alert correlation and privacy preservation well. Experimental results show that the approach is comparatively efficient and reaches a good balance between alert correlation and privacy.