Anonymization of IP traffic monitoring data: attacks on two prefix-preserving anonymization schemes and some proposed remedies

Authors:
Tønnes Brekne;André Årnes;Arne Øslebø
Affiliations:
Centre for Quantifiable Quality of Service in Communication Systems, Norwegian University of Science and Technology, Trondheim, Norway;Centre for Quantifiable Quality of Service in Communication Systems, Norwegian University of Science and Technology, Trondheim, Norway;Uninett AS, Trondheim, Norway
Venue:
PET'05 Proceedings of the 5th international conference on Privacy Enhancing Technologies
Year:
2005

Citing 10
Cited 6

Pseudonymous audit for privacy enhanced intrusion detection

SEC'97 Proceedings of the IFIP TC11 13 international conference on Information Security (SEC '97) on Information security in research and business
Untraceable electronic mail, return addresses, and digital pseudonyms

Communications of the ACM
Anonymity, unobservability, and pseudeonymity — a proposal for terminology

International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
Traffic analysis: protocols, attacks, design issues, and open problems

International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
On pseudonymization of audit data for intrusion detection

International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
A method to compress and anonymize packet traces

IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
On the design and performance of prefix-preserving IP traffic trace anonymization

IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
Handbook of Applied Cryptography

Handbook of Applied Cryptography
Prefix-Preserving IP Address Anonymization: Measurement-Based Security Evaluation and a New Cryptography-Based Scheme

ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
Traffic data repository at the WIDE project

ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference

On web browsing privacy in anonymized NetFlows

SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
The risk-utility tradeoff for IP address truncation

Proceedings of the 1st ACM workshop on Network data anonymization
Reference models for network data anonymization

Proceedings of the 1st ACM workshop on Network data anonymization
The role of network trace anonymization under attack

ACM SIGCOMM Computer Communication Review
Short paper: the NetSANI framework for analysis and fine-tuning of network trace sanitization

Proceedings of the fourth ACM conference on Wireless network security
Non-expanding transaction specific pseudonymization for IP traffic monitoring

CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

In our search for anonymization solutions for passive measurement data in the context of the LOBSTER passive network monitoring project, we discovered attacks against two initially promising candidates for IP address anonymization. We present a suite of three algorithms employing packet injection and frequency analysis, which can compromise individual addresses protected with prefix-preserving anonymization in multilinear time. We present two algorithms to counter our attacks. These methods support gradual release of topological information, as required by some applications. We also introduce an algorithm that strengthens some hash-based anonymization methods.