Collaborative Filtering for Community Threats

We discuss the threats posed by attacks on computer infrastructure, and particularly attacks from distributed, stealthy sources. We propose that these attacks would best be detected by distributed networks of sensors, and that these distributed networks must protect the privacy, confidentiality and anonymity of their members. We briefly outline a network attack detection technique we are working on that is based on privacy-preserving collaborative filtering, and discuss some related work. An Emerging Threat In the Spring of 2003, a new sort of trojan horse was discovered that puzzled security analysts. Dubbed “Stumbler” (aka 55808 and Typot), this malware did not fit any of the standard categories. Stealthier than typical (not designe