Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
Computer Networks: The International Journal of Computer and Telecommunications Networking
High-speed prefix-preserving IP address anonymization for passive measurement systems
IEEE/ACM Transactions on Networking (TON)
Micro- and macroscopic analysis of RTT variability in GPRS and UMTS networks
NETWORKING'06 Proceedings of the 5th international IFIP-TC6 conference on Networking Technologies, Services, and Protocols; Performance of Computer and Communication Networks; Mobile and Wireless Communications Systems
IP-address lookup using LC-tries
IEEE Journal on Selected Areas in Communications
Survey and taxonomy of IP address lookup algorithms
IEEE Network: The Magazine of Global Internetworking
Hi-index | 0.00 |
Various kinds of traffic traces, containing, e.g., packet headers, signaling messages, or authorization log-files, are needed to examine the status and performance of packet switching networks. In most cases, traces contain information that can be used identify subscribers and what kind of services they have been using. This kind of information can be usually handled only by network operator and only for certain reasons, i.e., troubleshooting and accounting. However, there is an increasing trend that many network management tasks are being outsourced and thus a method, that would allow for an external staff to monitor a public network, is needed. There have been some methods for anonymizing traffic traces but they are usually not fast enough, not suitable for on-line measurements, or not secure enough. The method proposed in this paper is based on using normal symmetric block coding encryption methods in cipher block chaining mode. The advantages of the supposed method are that it is cryptographically strong, suitable for multi-site on-line measurements and very fast. Furthermore, it supports existing hardware based encryption engines without any needs for modifications. The proposed method can be also extented to prefix-preserving IP address anonymization. This extension differs form earlier proposals by using IP address lookup to determine the real network part of the address. It is also resistant to known attacks to compromise prefix-preserving anonymization methods.