{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,17]],"date-time":"2026-02-17T02:13:38Z","timestamp":1771294418183,"version":"3.50.1"},"reference-count":46,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2014,8,5]],"date-time":"2014-08-05T00:00:00Z","timestamp":1407196800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Ethics Inf Technol"],"published-print":{"date-parts":[[2014,9]]},"DOI":"10.1007\/s10676-014-9348-3","type":"journal-article","created":{"date-parts":[[2014,8,4]],"date-time":"2014-08-04T05:10:44Z","timestamp":1407129044000},"page":"227-240","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":8,"title":["A roadmap towards improving managed security services from a privacy perspective"],"prefix":"10.1007","volume":"16","author":[{"given":"Nils","family":"Ulltveit-Moe","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2014,8,5]]},"reference":[{"key":"9348_CR1","unstructured":"Acquisti, A., John, L., & Loewenstein, G. (2010). What is privacy worth? http:\/\/www.futureofprivacy.org\/wp-content\/uploads\/2010\/07\/privacy-worth-acquisti-FPF ."},{"key":"9348_CR2","doi-asserted-by":"crossref","first-page":"192","DOI":"10.1007\/11496137_14","volume":"3531","author":"A Alharby","year":"2005","unstructured":"Alharby, A., & Imai, H. (2005). IDS false alarm reduction using continuous and discontinuous patterns. Lecture Notes in Computer Science, 3531, 192\u2013205.","journal-title":"Lecture Notes in Computer Science"},{"key":"9348_CR3","unstructured":"Baker, M., Turnbull, D., & Kaszuba, G. (2012). Finding needles in haystacks (the size of countries). http:\/\/media.blackhat.com\/bh-eu-12\/Baker\/bh-eu-12-Baker-Needles_Haystacks-WP ."},{"key":"9348_CR4","doi-asserted-by":"crossref","first-page":"187","DOI":"10.1007\/978-1-4419-6967-5_10","volume-title":"Economics of Information Security and Privacy","author":"S Berthold","year":"2010","unstructured":"Berthold, S., & B\u00f6hme, R. (2010). Valuating privacy with option pricing theory. In T. Moore, D. Pym, & C. Ioannidis (Eds.), Economics of Information Security and Privacy (pp. 187\u2013209). US: Springer."},{"key":"9348_CR5","unstructured":"Bicknell, P., & Jean, H. (2011). National information assurance partnership common criteria evaluation and validation scheme, validation report hp tippingpoint intrusion prevention systems. http:\/\/www.commoncriteriaportal.org\/files\/epfiles\/st_vid10345-vr ."},{"key":"9348_CR6","unstructured":"Cavoukian, A. (2009). Whole body imaging in airport scanners: Activate privacy filters to achieve security and privacy. http:\/\/www.ipc.on.ca\/images\/Resources\/wholebodyimaging ."},{"issue":"2","key":"9348_CR7","doi-asserted-by":"crossref","first-page":"405","DOI":"10.1007\/s12394-010-0053-z","volume":"3","author":"A Cavoukian","year":"2010","unstructured":"Cavoukian, A., Taylor, S., & Abrams, M. E. (2010). Privacy by design\u2014Essential for organizational accountability and strong business practices. Identity in the Information Society, 3(2), 405\u2013413.","journal-title":"Identity in the Information Society"},{"key":"9348_CR8","unstructured":"Ciriani, V., di Vimercati, S. C., Foresti, S., & Samarati, P. (2007). k-Anonymity. In: Secure data management in decentralized systems (pp. 323\u2013353). Springer."},{"key":"9348_CR9","unstructured":"Cisco (2013). Writing custom signatures for the cisco intrusion prevention system. http:\/\/www.cisco.com\/web\/about\/security\/intelligence\/ips_custom_sigs_pdf ."},{"issue":"6","key":"9348_CR10","doi-asserted-by":"crossref","first-page":"627","DOI":"10.1016\/j.patrec.2005.09.028","volume":"27","author":"A Cord","year":"2006","unstructured":"Cord, A., Ambroise, C., & Cocquerez, J. P. (2006). Feature selection in robust clustering based on laplace mixture. Pattern Recognition Letters, 27(6), 627\u2013635. doi: 10.1016\/j.patrec.2005.09.028 .","journal-title":"Pattern Recognition Letters"},{"key":"9348_CR11","unstructured":"Ding, W., Yurcik, W., & Yin, X. (2005). Outsourcing internet security: Economic analysis of incentives for managed security service providers. In: Internet and network economics, LNCS, vol 3828 (pp. 947\u2013958). Springer."},{"key":"9348_CR12","doi-asserted-by":"crossref","unstructured":"Dwork, C. (2006). Differential privacy. Automata, languages and programming (pp. 1\u201312).","DOI":"10.1007\/11787006_1"},{"key":"9348_CR13","unstructured":"European Commission. (2002). Directive 2002\/58\/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications). http:\/\/eur-lex.europa.eu\/LexUriServ\/LexUriServ.do?uri=CELEX:32002L0058:en:NOT ."},{"key":"9348_CR14","unstructured":"European Communities. (2014). Digital security: Cybersecurity, privacy and trust. URL http:\/\/ec.europa.eu\/research\/participants\/portal\/desktop\/en\/opportunities\/h2020\/topics\/99-ds-01-2014.html ."},{"issue":"3","key":"9348_CR15","doi-asserted-by":"crossref","first-page":"381","DOI":"10.1109\/34.990138","volume":"24","author":"MAT Figueiredo","year":"2002","unstructured":"Figueiredo, M. A. T., & Jain, A. K. (2002). Unsupervised learning of finite mixture models. IEEE Transactions on Pattern Analysis and Machine Intelligence, 24(3), 381\u2013396. doi: 10.1109\/34.990138 .","journal-title":"IEEE Transactions on Pattern Analysis and Machine Intelligence"},{"key":"9348_CR16","volume-title":"Privacy-respecting intrusion detection","author":"U Flegel","year":"2007","unstructured":"Flegel, U. (2007). Privacy-respecting intrusion detection (1st ed.). Berlin: Springer.","edition":"1"},{"key":"9348_CR17","unstructured":"Gartner. (2010). Magic quadrant for network intrusion prevention systems. URL http:\/\/mcafee.zinfi.com\/enduser\/ngns\/dyntek1\/file\/McAfee_vol4-art5 ."},{"issue":"4","key":"9348_CR18","doi-asserted-by":"crossref","first-page":"438","DOI":"10.1145\/581271.581274","volume":"5","author":"LA Gordon","year":"2002","unstructured":"Gordon, L. A., & Loeb, M. P. (2002). The economics of information security investment. ACM Transactions on Information and System Security, 5(4), 438\u2013457. doi: 10.1145\/581271.581274 .","journal-title":"ACM Transactions on Information and System Security"},{"issue":"4","key":"9348_CR19","doi-asserted-by":"crossref","first-page":"197","DOI":"10.1007\/s10207-006-0010-x","volume":"6","author":"S Gritzalis","year":"2007","unstructured":"Gritzalis, S., Yannacopoulos, A., Lambrinoudakis, C., Hatzopoulos, P., & Katsikas, S. (2007). A probabilistic model for optimal insurance contracts against security risks and privacy violation in IT outsourcing environments. International Journal of Information Security, 6(4), 197\u2013211. doi: 10.1007\/s10207-006-0010-x .","journal-title":"International Journal of Information Security"},{"issue":"3","key":"9348_CR20","doi-asserted-by":"crossref","first-page":"146","DOI":"10.1109\/MCOM.2012.6163595","volume":"50","author":"CY Ho","year":"2012","unstructured":"Ho, C. Y., Lai, Y. C., Chen, I. W., Wang, F. Y., & Tai, W. H. (2012). Statistical analysis of false positives and false negatives from real traffic with intrusion detection\/prevention systems. IEEE Communications Magazine, 50(3), 146\u2013154. doi: 10.1109\/MCOM.2012.6163595 .","journal-title":"IEEE Communications Magazine"},{"key":"9348_CR21","volume-title":"A practical guide to security assessments","author":"S Kairab","year":"2005","unstructured":"Kairab, S. (2005). A practical guide to security assessments. Boca Raton, Florida: Auerbach Publications."},{"key":"9348_CR22","unstructured":"Richards, N. M., King, J. H. (2013). Three paradoxes of big data. Stanford Law Review Online 66:41, URL http:\/\/www.stanfordlawreview.org\/online\/privacy-and-big-data\/three-paradoxes-big-data ."},{"key":"9348_CR24","unstructured":"Machanavajjhala, A., Kifer, D., Gehrke, J., Venkitasubramaniam, M. (2007). l-diversity: Privacy beyond k-anonymity. Cornell University p 52, URL http:\/\/www.truststc.org\/pubs\/465.html ."},{"issue":"4","key":"9348_CR25","doi-asserted-by":"crossref","first-page":"183","DOI":"10.1145\/1402946.1402980","volume":"38","author":"G Maier","year":"2008","unstructured":"Maier, G., Sommer, R., Dreger, H., Feldmann, A., Paxson, V., & Schneider, F. S. (2008). Enriching network security analysis with time travel. SIGCOMM Computer Communication Review, 38(4), 183\u2013194. doi: 10.1145\/1402946.1402980 .","journal-title":"SIGCOMM Computer Communication Review"},{"key":"9348_CR26","unstructured":"McAfee. (2007). Mcafee intrushield IPS, user-defined signature creation version 4.1. https:\/\/kc.mcafee.com\/resources\/sites\/MCAFEE\/content\/live\/PRODUCT_DOCUMENTATION\/20000\/PD20345\/en_US\/INTR_User-Defined_Signatures_4.1 ."},{"key":"9348_CR27","volume-title":"Quality improvement through planned experimentation","author":"RD Moen","year":"1999","unstructured":"Moen, R. D., Nolan, T. W., & Provost, L. P. (1999). Quality improvement through planned experimentation. New York: McGraw-Hill."},{"key":"9348_CR28","unstructured":"National Science Foundation. (2014). US NSF-CISE-funding. URL http:\/\/www.nsf.gov\/cise\/funding\/cyber_awards.jsp ."},{"key":"9348_CR29","unstructured":"Plashchynski, D. (2014). viewssld\u2014SSL traffic descryption daemon. URL http:\/\/sourceforge.net\/projects\/viewssld\/ ."},{"key":"9348_CR30","doi-asserted-by":"crossref","unstructured":"Popa, R. A., Redfield, C. M. S., Zeldovich, N., & Balakrishnan, H. (2011). CryptDB: Protecting confidentiality with encrypted query processing. In: Proceedings of the twenty-third ACM symposium on operating systems principles, ACM, New York, NY, USA, SOSP \u201911, (pp. 85\u2013100), doi: 10.1145\/2043556.2043566 .","DOI":"10.1145\/2043556.2043566"},{"key":"9348_CR31","first-page":"19","volume":"2008","author":"J Radianti","year":"2008","unstructured":"Radianti, J., & Ulltveit-Moe, N. (2008). Classification of malicious tools in underground markets for vulnerabilities. NISK, 2008, 19\u201331.","journal-title":"NISK"},{"key":"9348_CR23","unstructured":"Roesch, M. & Green, S. C. (2009). Snort. URL http:\/\/www.snort.org\/assets\/82\/snort_manual ."},{"key":"9348_CR32","unstructured":"Samuelson, P. (2000). Privacy as intellectual property? Stanford Law Review 52(5):1125\u20131173, URL http:\/\/www.jstor.org\/stable\/1229511 ."},{"key":"9348_CR33","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1109\/ITA.2010.5454092","volume":"2010","author":"L Sankar","year":"2010","unstructured":"Sankar, L., Rajagopalan, S., & Poor, H. (2010). Utility and privacy of data sources: Can Shannon help conceal and reveal information? Information Theory and Applications Workshop (ITA), 2010, 1\u20137. doi: 10.1109\/ITA.2010.5454092 .","journal-title":"Information Theory and Applications Workshop (ITA)"},{"key":"9348_CR34","unstructured":"Scarfone, K., Mell, P. (2007). Guide to intrusion detection and prevention systems (IDPS). http:\/\/csrc.nist.gov\/publications\/nistir\/ir7628\/nistir-7628_vol1 ."},{"key":"9348_CR35","doi-asserted-by":"crossref","first-page":"122","DOI":"10.1007\/978-3-540-45126-6_9","volume":"2742","author":"SE Schechter","year":"2003","unstructured":"Schechter, S. E., & Smith, M. D. (2003). How much security is enough to stop a thief? The economics of outsider theft via computer systems and networks. Financial Cryptography, 2742, 122\u2013137.","journal-title":"Financial Cryptography"},{"issue":"379\u2013423","key":"9348_CR36","doi-asserted-by":"crossref","first-page":"623","DOI":"10.1002\/j.1538-7305.1948.tb00917.x","volume":"27","author":"C Shannon","year":"1948","unstructured":"Shannon, C. (1948). A mathematical theory of communication. Bell System Technical Journal, 27(379\u2013423), 623\u2013656.","journal-title":"Bell System Technical Journal"},{"key":"9348_CR37","unstructured":"Smith, G. (2009). On the foundations of quantitative information flow. In: Alfaro, L. D. (Ed.), Foundations of software science and computational structures, no. 5504 in Lecture Notes in Computer Science (pp 288\u2013302). Berlin Heidelberg: Springer."},{"key":"9348_CR38","doi-asserted-by":"crossref","unstructured":"Smith, G. (2011). Quantifying information flow using min-entropy. In: Quantitative evaluation of systems (QEST), 2011 eighth international conference on, pp 159\u2013167, doi: 10.1109\/QEST.2011.31 .","DOI":"10.1109\/QEST.2011.31"},{"key":"9348_CR39","unstructured":"Sourcefire Vulnerability Research Team VRT. (2014). Download snort rules. URL http:\/\/www.snort.org\/downloads\/2862 ."},{"key":"9348_CR40","doi-asserted-by":"crossref","first-page":"557","DOI":"10.1142\/S0218488502001648","volume":"10","author":"L Sweeney","year":"2002","unstructured":"Sweeney, L. (2002). k-anonymity: A model for protecting privacy. International Journal on Uncertainty, Fuzziness and Knowledge-based Systems, 10, 557\u2013570.","journal-title":"International Journal on Uncertainty, Fuzziness and Knowledge-based Systems"},{"key":"9348_CR41","unstructured":"Tavallaee, M., Bagheri, E., Lu, W., & Ghorbani, A. (2010). A detailed analysis of the KDD CUP 99 data set. In: Second IEEE symposium on computational intelligence for security and defence applications 2009."},{"key":"9348_CR42","unstructured":"Trustwave. (2014). ModSecurity open source web application firewall. URL http:\/\/www.modsecurity.org ."},{"key":"9348_CR43","unstructured":"Ulltveit-Moe, N., Oleshchuk, V. A. (2013). Measuring privacy leakage for IDS rules. CoRR abs\/1308.5421."},{"key":"9348_CR44","doi-asserted-by":"crossref","unstructured":"Warren, S., & Brandeis, L. D. (1890). The right to privacy. Harvard Law Review, 4(5),","DOI":"10.2307\/1321160"},{"key":"9348_CR45","unstructured":"X-Force, I. S. S. (2011). Signature author\u2019s guide, IBM security systems opensignature. http:\/\/www-01.ibm.com\/support\/docview.wss?uid=swg21570487&aid=3 ."},{"key":"9348_CR46","unstructured":"Yannacopoulos, A. N., Lambrinoudakis, C., Gritzalis, S., Xanthopoulos, S. Z., & Katsikas, S. N. (2008). Modeling privacy insurance contracts and their utilization in risk management for ICT firms. Proceedings of the 13th European symposium on research in computer security: Computer security (pp. 207\u2013222). M\u00e1laga, Spain: Springer."}],"container-title":["Ethics and Information Technology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10676-014-9348-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10676-014-9348-3\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10676-014-9348-3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,13]],"date-time":"2019-08-13T10:31:53Z","timestamp":1565692313000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10676-014-9348-3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,8,5]]},"references-count":46,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2014,9]]}},"alternative-id":["9348"],"URL":"https:\/\/doi.org\/10.1007\/s10676-014-9348-3","relation":{},"ISSN":["1388-1957","1572-8439"],"issn-type":[{"value":"1388-1957","type":"print"},{"value":"1572-8439","type":"electronic"}],"subject":[],"published":{"date-parts":[[2014,8,5]]}}}