A Privacy-Preserving Infrastructure to Monitor Encrypted DNS Logs - Télécom SudParis Access content directly
Conference Papers Year : 2023

A Privacy-Preserving Infrastructure to Monitor Encrypted DNS Logs


In the realm of cybersecurity, logging system and application activity is a crucial technique to detect and understand cyberattacks by identifying Indicators of Compromise (IoCs). Since these logs can take vast amounts of disk space, it can be tempting to delegate their storage to an external service provider. This requires to encrypt the data, so the service provider does not have access to possibly sensitive information. However, this usually makes it impossible to search for relevant information in the encrypted log. To address this predicament, this paper delves into the realm of modern cryptographic tools to reconcile the dual objectives of protecting log data from prying eyes while enabling controlled processing. We propose a comprehensive framework that contextualizes log data and presents several mechanisms to solve the outsourcing problem, allowing searchable encryption, and we apply our approach to DNS logs. Our contributions include the introduction of two novel schemes, namely symmetric and asymmetric, which facilitate efficient and secure retrieval of intrusion detection-related information from encrypted outsourced storage. Furthermore, we conduct extensive experiments on a test bed to evaluate and compare the effectiveness of the different solutions, providing valuable insights into the practical implementation of our proposed infrastructure for monitoring encrypted logs.
Fichier principal
Vignette du fichier
crisis-2023--content.pdf (540.66 Ko) Télécharger le fichier
Origin Files produced by the author(s)

Dates and versions

hal-04609669 , version 1 (12-06-2024)



Adam Oumar Abdel-Rahman, Olivier Levillain, Eric Totel. A Privacy-Preserving Infrastructure to Monitor Encrypted DNS Logs. 18th International Conference on Risks and Security of Internet and Systems ( CRiSIS), Dec 2023, Rabat (MOROCCO), Morocco. pp.185-199, ⟨10.1007/978-3-031-61231-2_12⟩. ⟨hal-04609669⟩
25 View
7 Download



Gmail Mastodon Facebook X LinkedIn More