Anonymization of IP Traffic Monitoring Data: Attacks on Two Prefix-Preserving Anonymization Schemes and Some Proposed Remedies

Brekne, Tønnes; Årnes, André; Oslebo, A.

doi:10.1007/11767831_12

Cited by 38 publications

(40 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…users. However, prefix-preserving schemes [6], [7] are used in permutation, i.e. if an IP address a.b.c.d is permuted to w.x.y.z then another IP address a.b.c.d is mapped to w.x.y.z.…”

Section: Overview Of Yahoo! Datasetsmentioning

confidence: 99%

A first look at inter-data center traffic characteristics via Yahoo! datasets

Chen

Jain

Adhikari

et al. 2011

2011 Proceedings IEEE INFOCOM

162

View full text Add to dashboard Cite

Abstract-Effectively managing multiple data centers and their traffic dynamics pose many challenges to their operators, as little is known about the characteristics of inter-data center (D2D) traffic. In this paper we present a first study of D2D traffic characteristics using the anonymized NetFlow datasets collected at the border routers of five major Yahoo! data centers. Our contributions are mainly two-fold: i) we develop novel heuristics to infer the Yahoo! IP addresses and localize their locations from the anonymized NetFlow datasets, and ii) we study and analyze both D2D and client traffic characteristics and the correlations between these two types of traffic. Our study reveals that Yahoo! uses a hierarchical way of deploying data centers, with several satellite data centers distributed in other countries and backbone data centers distributed in US locations. For Yahoo! US data centers, we separate the client-triggered D2D traffic and background D2D traffic from the aggregate D2D traffic using port based correlation, and study their respective characteristics. Our findings shed light on the interplay of multiple data centers and their traffic dynamics within a large content provider, and provide insights to data center designers and operators as well as researchers.

show abstract

“…users. However, prefix-preserving schemes [6], [7] are used in permutation, i.e. if an IP address a.b.c.d is permuted to w.x.y.z then another IP address a.b.c.d is mapped to w.x.y.z.…”

Section: Overview Of Yahoo! Datasetsmentioning

confidence: 99%

A first look at inter-data center traffic characteristics via Yahoo! datasets

Chen

Jain

Adhikari

et al. 2011

2011 Proceedings IEEE INFOCOM

162

View full text Add to dashboard Cite

show abstract

“…These techniques ensure that subnet of the anonymized address match too. They are considered weak and prone to attacks [16] For these reasons, good encryption techniques are to be chosen for data anonymization that preserve the length and formats of the data fields too.…”

Section: ) Preserving Lengths and Formatsmentioning

confidence: 99%

Network Telemetry Anonymization for Cloud Based Security Analysis - Best Practices

Dara

2014

2014 IEEE International Conference on Cloud Computing in Emerging Markets (CCEM)

View full text Add to dashboard Cite

Availability of network telemetry data aides in identifying security compromises, malicious traffic patterns, malware spread etc. There are variety of Cloud based security services available for consumers to benefit from but on an other hand there is a compelling need for ensuring privacy of sensitive fields before data is shared with any cloud provider.Anonymization techniques based on micro-data or macrodata have challenges in terms of attacks possible, scalability and practicality. In this paper we discuss challenges in privacypreserving cloudification of network telemetry data. We present practical and scalable techniques for network data anonymization. These techniques ensure the privacy of the sensitive fields while retaining the ability to perform security forensics and analytics. We also provide best practices for ensuring successful data anonymization.

show abstract

“…However, those techniques proved to be ineffective, since an adversary might be able to re-identify message source and destination by other values in a network flow, or in a sequence of flows (see, e.g., [3], [8], [9], [10]). King et al in [2] propose an extensive taxonomy of attacks against network flow sanitization methods; techniques fall into two main categories:…”

Section: Related Workmentioning

confidence: 99%

“…Roughly speaking, defenses that can be found in the literature (e.g., [3], [4] among many others) take a "reactionary" approach: typically, in those works, a new kind of attack is identified, and a defense technique is proposed for that attack, which is generally based on the permutation/generalization of some fields' values. However, proposed techniques do not provide a general solution.…”

Section: A Defenses Tailored To Network Flowsmentioning

confidence: 99%

“…However, it has been shown that this technique is insufficient, since an adversary may reconstruct the real IPs based on the values of other fields of the flows [2], exploiting his knowledge of the characteristics of network hosts (fingerprinting attacks), or by injecting peculiar flows in the monitored network (injection attacks). For this reason, more sophisticated techniques have been proposed, based on the perturbation of other data in the flows (e.g., [3], [4], [5], [6]). However, the techniques proposed till the time of writing do not provide any formal guarantee of protection, and it has been recently shown that they are prone to different kinds of attacks [7].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Obfuscation of sensitive data in network flows

Riboni

Villani

Vitali

et al. 2012

2012 Proceedings IEEE INFOCOM

View full text Add to dashboard Cite

Abstract-In the last decade, the release of network flows has gained significant popularity among researchers and networking communities. Indeed, network flows are a fundamental tool for modeling the network behavior, identifying security attacks, and validating research results. Unfortunately, due to the sensitive nature of network flows, security and privacy concerns discourage the publication of such datasets. On the one hand, existing techniques proposed to sanitize network flows do not provide any formal guarantees. On the other hand, microdata anonymization techniques are not directly applicable to network flows. In this paper, we propose a novel obfuscation technique for network flows that provides formal guarantees under realistic assumptions about the adversary's knowledge. Our work is supported by extensive experiments with a large set of real network flows collected at an important Italian Tier II Autonomous System, hosting sensitive government and corporate sites. Experimental results show that our obfuscation technique preserves the utility of network flows for network traffic analysis.

show abstract

Anonymization of IP Traffic Monitoring Data: Attacks on Two Prefix-Preserving Anonymization Schemes and Some Proposed Remedies

Cited by 38 publications

References 9 publications

A first look at inter-data center traffic characteristics via Yahoo! datasets

A first look at inter-data center traffic characteristics via Yahoo! datasets

Network Telemetry Anonymization for Cloud Based Security Analysis - Best Practices

Obfuscation of sensitive data in network flows

Contact Info

Product

Resources

About