Protecting Respondents' Identities in Microdata Release
IEEE Transactions on Knowledge and Data Engineering
k-anonymity: a model for protecting privacy
International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
IEEE Transactions on Knowledge and Data Engineering
Computer Networks: The International Journal of Computer and Telecommunications Networking
The devil and packet trace anonymization
ACM SIGCOMM Computer Communication Review
SC2D: an alternative to trace anonymization
Proceedings of the 2006 SIGCOMM workshop on Mining network data
L-diversity: Privacy beyond k-anonymity
ACM Transactions on Knowledge Discovery from Data (TKDD)
Privacy-preserving anonymization of set-valued data
Proceedings of the VLDB Endowment
Privacy-safe network trace sharing via secure queries
Proceedings of the 1st ACM workshop on Network data anonymization
Review: Passive internet measurement: Overview and guidelines based on experiences
Computer Communications
MaskIt: privately releasing user context streams for personalized mobile applications
SIGMOD '12 Proceedings of the 2012 ACM SIGMOD International Conference on Management of Data
Leveraging graphical models to improve accuracy and reduce privacy risks of mobile sensing
Proceeding of the 11th annual international conference on Mobile systems, applications, and services
Hi-index | 0.00 |
A communication trace is a detailed record of the communication between two entities. Communication traces are vital for research in computer networks and study of network protocols in various domains, but their release is severely constrained by privacy and security concerns. In this paper, we propose a framework in which a trace owner can match an anonymizing transformation with the requirements of analysts. The trace owner can release multiple transformed traces, each customized to an analyst's needs, or a single transformation satisfying all requirements. The framework enables formal reasoning about anonymization policies, for example to verify that a given trace has utility for the analyst, or to obtain the most secure anonymization for the desired level of utility. Because communication traces are typically very large, we also provide techniques that allow efficient application of transformations using relational database systems.