Key escrow schemes with sliding window for privacy-aware anomaly detection system

Requirements for a traffic monitoring system can be very demanding as both privacy and performance aspects have to be taken into account jointly. Moreover, the legislation sets forth strict rules that must also be met. Various cryptographic primitives provide invaluable tools for realising privacy enforcing mechanisms in such a system with respect to the above mentioned goals. In this paper, we consider an arbitrary traffic anomaly detection system consisting of two stages. The first stage pre-processes the monitored traffic with both data rate reduction and privacy protection in mind. The second stage is in charge of the final analysis and storing the relevant information. In particular, the privacy sensitive information is encrypted on per flow basis by the first stage, so that the second stage cannot access any flow without an appropriate key, which is given only when there is a strong reason to do so. In this setting, we study a sliding window type of mechanism for escrowing a secret decryption key from the first stage to the second in response to observing a sufficient number of malicious events within a specified time duration. Given the flow specific key, the second stage can then take a closer look at the corresponding part of the traffic, and decide on further actions. As a result, the privacy of the other users cannot be violated.