Transport layer identification of P2P traffic
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Structure preserving anonymization of router configuration data
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Strategies for sound internet measurement
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Remote Physical Device Fingerprinting
IEEE Transactions on Dependable and Secure Computing
Secure distributed data-mining and its application to large-scale network measurements
ACM SIGCOMM Computer Communication Review
The devil and packet trace anonymization
ACM SIGCOMM Computer Communication Review
On information hiding and network management
Proceedings of the 2006 SIGCOMM workshop on Internet network management
High-speed prefix-preserving IP address anonymization for passive measurement systems
IEEE/ACM Transactions on Networking (TON)
Mapping internet sensors with probe response attacks
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Legal issues surrounding monitoring during network research
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Issues and etiquette concerning use of shared measurement data
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Distance-preserving pseudonymization for timestamps and spatial data
Proceedings of the 2007 ACM workshop on Privacy in electronic society
An empirical evaluation of entropy-based traffic anomaly detection
Proceedings of the 8th ACM SIGCOMM conference on Internet measurement
Privacy-safe network trace sharing via secure queries
Proceedings of the 1st ACM workshop on Network data anonymization
Evaluating the utility of anonymized network traces for intrusion detection
Proceedings of the 4th international conference on Security and privacy in communication netowrks
A nonlinear, recurrence-based approach to traffic classification
Computer Networks: The International Journal of Computer and Telecommunications Networking
Computer Networks: The International Journal of Computer and Telecommunications Networking
A taxonomy and adversarial model for attacks against network log anonymization
Proceedings of the 2009 ACM symposium on Applied Computing
Order-Preserving Symmetric Encryption
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Structure preserving anonymization of router configuration data
IEEE Journal on Selected Areas in Communications - Special issue on network infrastructure configuration
Analysis of network processing workloads
Journal of Systems Architecture: the EUROMICRO Journal
Review: Passive internet measurement: Overview and guidelines based on experiences
Computer Communications
Provably-secure schemes for basic query support in outsourced databases
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Cooperation enablement for centralistic early warning systems
Proceedings of the 2010 ACM Symposium on Applied Computing
Vortex: enabling cooperative selective wormholing for network security systems
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
A scalable aural-visual environment for security event monitoring, analysis, and response
ISVC'07 Proceedings of the 3rd international conference on Advances in visual computing - Volume Part I
On the design of fast prefix-preserving IP address anonymization scheme
ICICS'07 Proceedings of the 9th international conference on Information and communications security
Human behavior and challenges of anonymizing WLAN traces
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Differentially-private network trace analysis
Proceedings of the ACM SIGCOMM 2010 conference
Impact of sanitized message flows in a cooperative intrusion warning system
MILCOM'06 Proceedings of the 2006 IEEE conference on Military communications
CollSec'10 Proceedings of the 2010 international conference on Collaborative methods for security and privacy
Order-preserving encryption revisited: improved security analysis and alternative solutions
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Requirements of information reductions for cooperating intrusion detection agents
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
Non-expanding transaction specific pseudonymization for IP traffic monitoring
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
Efficiency and security trade-off in supporting range queries on encrypted databases
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
An IP address anonymization scheme with multiple access levels
ICOIN'06 Proceedings of the 2006 international conference on Information Networking: advances in Data Communications and Wireless Networks
A network processor based passive measurement node
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
End-user perspectives of Internet connectivity problems
Computer Networks: The International Journal of Computer and Telecommunications Networking
PET'05 Proceedings of the 5th international conference on Privacy Enhancing Technologies
Survey: DNA-inspired information concealing: A survey
Computer Science Review
Secure multidimensional range queries over outsourced data
The VLDB Journal — The International Journal on Very Large Data Bases
Assessing the quality of packet-level traces collected on internet backbone links
NordSec'12 Proceedings of the 17th Nordic conference on Secure IT Systems
| Hi-index | 0.00 |
Real-world traffic traces are crucial for Internet research, but only a very small percentage of traces collected are made public. One major reason why traffic trace owners hesitate to make the traces publicly available is the concern that confidential and private information may beinferred from the trace. In this paper we focus on the problem of anonymizing IP addresses in a trace. More specifically, we are interested in prefix-preserving anonymization in which the prefix relationship among IP addresses is preserved in the anonymized trace, making such a trace usable in situations where prefix relationships are important. The goal of our work is two fold. First, we develop a cryptography-based, prefix-preserving anonymization technique that is provably as secure as the existing well-known TCPdpriv scheme, and unlike TCPdpriv, provides consistent prefix-preservation in large scale distributed setting. Second, we evaluate the security properties inherent in all prefix-preserving IP address anonymization schemes (including TCPdpriv). Through the analysis of Internet backbone traffic traces, we investigate the effect of some types of attacks on the security of any prefix-preserving anonymization algorithm. We also derive results for the optimum manner in which an attack should proceed, which provides a bound on the effectiveness of attacks in general.