Comparison of Traffic Trace Anonymization Tools
نویسندگان
چکیده
Collecting network traffic traces from deployed networks is one of the basic steps in network research. These traces can be used to study real users, traffic engineering, packet classification, web performance, security application or more general network measurement and simulation. However for security and privacy reason monitored traffic traces have to be modified before they are published. This is known as trace anonymization process[1] . Many tools and techniques have been implemented for anonymization purposes [2]. To name few of these tools are Crypto-PAn, Anontool, ip2anonip, Lucent’s extensions to Crypto-PAn, FLAIM, IP-Anonymous, TCPdprive [3]. Different tools uses different anonymization algorithm. Few of these algorithms are: black-marker, random permutations, truncation, pseudonymization, and prefix-preserving pseudonymization. The goal of anonymization is to preserve the structure of the network while at the same time preserve privacy policies. This paper intends to compare the Crypto-PAn, Lucent’s extensions to Crypto-PAn, Anontool, and FLAIM [4]. More specifically we will compare the cumulative distribution function of the anonymized data.
منابع مشابه
Prefix-Preserving IP Address Anonymization: Measurement-Based Security Evaluation and a New Cryptography-Based Scheme
Real-world traffic traces are crucial for Internet research, but only a very small percentage of traces collected are made public. One major reason why traffic trace owners hesitate to make the traces publicly available is the concern that confidential and private information may be inferred from the trace. In this paper we focus on the problem of anonymizing IP addresses in a trace. More speci...
متن کاملPrivacy, Anonymization, Anomaly Detection
The sharing of network traces is an important prerequisite for the development and evaluation of efficient anomaly detection mechanisms. Unfortunately, privacy concerns and data protection laws prevent network operators from sharing these data. Anonymization is a promising solution in this context; however, it is unclear if the sanitization of data preserves the traffic characteristics or intro...
متن کاملOn the Utility of Anonymized Flow Traces for Anomaly Detection
The sharing of network traces is an important prerequisite for the development and evaluation of efficient anomaly detection mechanisms. Unfortunately, privacy concerns and data protection laws prevent network operators from sharing these data. Anonymization is a promising solution in this context; however, it is unclear if the sanitization of data preserves the traffic characteristics or intro...
متن کاملAnalyzing Privacy in Enterprise Packet Trace Anonymization
Accurate network measurement through trace collection is critical for advancing network design and for maintaining secure, reliable networks. Unfortunately, the release of network traces to analysts is highly constrained by privacy concerns. Several host anonymization schemes have been proposed to address this issue. Preservation of prefix relationships among anonymized addresses is an importan...
متن کاملBalancing Privacy and Fidelity in Packet Traces for Security Evaluation
Security mechanisms, such as firewalls and intrusion detection systems, protect networks by generating security alarms and possibly filtering attack traffic, according to a specified security policy. Evaluation of such security mechanisms remains a challenge. In this work, we examine the problem of compiling a set of high fidelity traffic traces, that include both attacks and background traffic...
متن کامل