Obfuscation of sensitive data in network flows

Riboni, Daniele; Villani, Antonio; Vitali, Domenico; Bettini, Cláudio; Mancini, Luigi V.

doi:10.1109/infcom.2012.6195626

Cited by 20 publications

(24 citation statements)

References 16 publications

(26 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Netshuffle works by employing k-anonymity methodology on network traces, by ensuring that all trace records appear at least k>1, with k being the anonymized record, and then shuffling gets applied on the kanonymized records, making it difficult for an attacker to decipher due to the distortion [14]. A network trace obfuscation methodology, (k, j)-obfuscation, was proposed by Riboni, Villani, Vitali, Bettini, and Mancini (2012), in which a network flow is considered obfuscated if it cannot be linked with greater assurance, to its source and destination IP addresses [15]. Riboni, et al observed from their implementation of (k, j)-obfuscation, that the large set of network flows maintained the utility of the original network trace [15].…”

Section: Related Workmentioning

confidence: 99%

“…A network trace obfuscation methodology, (k, j)-obfuscation, was proposed by Riboni, Villani, Vitali, Bettini, and Mancini (2012), in which a network flow is considered obfuscated if it cannot be linked with greater assurance, to its source and destination IP addresses [15]. Riboni, et al observed from their implementation of (k, j)-obfuscation, that the large set of network flows maintained the utility of the original network trace [15]. However, the context of data utility remains challenging as each consumer of privatized data will have unique usability requirements, different levels of needed assurance, and therefore, utility becomes constrained to a case-by-case basis, depending on an entity's privacy and usability needs.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

A study of usability-aware network trace anonymization

Mivule

Anderson

2015

2015 Science and Information Conference (SAI)

View full text Add to dashboard Cite

The publication and sharing of network trace data is a critical to the advancement of collaborative research among various entities, both in government, private sector, and academia. However, due to the sensitive and confidential nature of the data involved, entities have to employ various anonymization techniques to meet legal requirements in compliance with confidentiality policies. Nevertheless, the very composition of network trace data makes it a challenge when applying anonymization techniques. On the other hand, basic application of microdata anonymization techniques on network traces is problematic and does not deliver the necessary data usability. Therefore, as a contribution, we point out some of the ongoing challenges in the network trace anonymization. We then suggest usability-aware anonymization heuristics by employing microdata privacy techniques while giving consideration to usability of the anonymized data. Our preliminary results show that with trade-offs, it might be possible to generate anonymized network traces with enhanced usability, on a case-by-case basis using micro-data anonymization techniques.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

A study of usability-aware network trace anonymization

Mivule

Anderson

2015

2015 Science and Information Conference (SAI)

View full text Add to dashboard Cite

show abstract

“…Unfortunately, balancing confidentiality protection and data utility when obfuscating network flows is a complex task. In order to limit the generalization of fp-QI values, (k, j)-obfuscation adopts sophisticated methods [3] to partition network hosts in homogeneous groups with respect to their typical traffic patterns. This operation requires: (i) scan of the Fig.…”

Section: Implementation Challengesmentioning

confidence: 99%

“…In our previous research [3], we presented (k, j)-obfuscation: a new obfuscation technique for network flows, that provides formal confidentiality guarantees under realistic assumptions about the adversary's knowledge, while preserving the utility of released data. This extended abstract briefly introduces Obsidian, a scalable and efficient Python implementation of the extended version of the (k, j)-obfuscation technique.…”

Section: Introductionmentioning

confidence: 99%

Obsidian: A scalable and efficient framework for NetFlow obfuscation

Villani

Riboni

Vitali

et al. 2013

2013 Proceedings IEEE INFOCOM

Self Cite

View full text Add to dashboard Cite

The availability of real-world network traces is a fundamental requirement for networking research. Indeed, real network traces can help to effectively model the network behavior, to identify security attacks, and to validate research results. Unfortunately, network flows are extremely sensitive information; as a consequence, security and privacy concerns discourage the publication of such datasets. © 2013 IEEE

show abstract

“…A cryptographic technique to scramble the host part of IP addresses in traces was introduced in [86]. An obfuscation algorithm using a many-to-one mapping between IP addresses and group-ID values was proposed in [94] to protect the sensitive data in network flows. While these anonymization techniques are effective with respect to network measurement and trace collection systems, they do not meet our security requirements -in particular session unlinkability.…”

Section: Related Workmentioning

confidence: 99%