Methods for centralized privacy-preserving collaborative threat mitigation

摘要

One embodiment of the present invention provides a system to facilitate collaboration for mitigating network threats. During operation, the system receives encrypted data sets from a plurality of entities. The data sets including data describing threats to network security. The system performs privacy-preserving operations on the encrypted data sets, such as private set intersection. The system then computes one or more metrics based on results of the private set intersection computations. The system may generate a similarity matrix based on the one or more metrics, and returns one or more similarity values from the similarity matrix to one or more entities of the plurality of entities.

主权项

1. A method to facilitate privacy-preserving collaboration for mitigating network threats performed by a server, comprising:
receiving, at the server, an encrypted data set from each entity of a plurality of entities, wherein a respective encrypted data set includes a respective encrypted data describing threats to network security; performing, by the server, a metric-computing operation for each entity of the plurality of entities, which involves performing the metric-computing operation on a respective entity's encrypted data set with the encrypted data set of other entities in the plurality of entities to compute metric values, with a respective metric value corresponding to a respective entity of the other entities in the plurality of entities; generating, by the server for each entity of the plurality of entities, a similarity matrix based on the metric values, wherein a respective row or column in the similarity matrix includes metric values computed from performing the metric-computing operation with a respective entity's encrypted data set and encrypted data sets of other entities of the plurality of entities; and returning, by the server, a row or column of metric values from the similarity matrix to each entity of the plurality of entities.