Prefix-preserving IP address anonymization: measurement-based security evaluation and a new cryptography-based scheme

Authors:
Jinliang Fan;Jun Xu;Mostafa H. Ammar;Sue B. Moon
Affiliations:
College of Computing, Georgia Institute of Technology, 801 Atlantic Drive, Atlanta, GA;College of Computing, Georgia Institute of Technology, 801 Atlantic Drive, Atlanta, GA;College of Computing, Georgia Institute of Technology, 801 Atlantic Drive, Atlanta, GA;Department of Computer Science, KAIST, Guseong-Dong, Yuseong-Gu, Daejeon 305-701, South Korea and Sprint Advanced Technology Laboratories
Venue:
Computer Networks: The International Journal of Computer and Telecommunications Networking
Year:
2004

Citing 13
Cited 27

How to construct random functions

Journal of the ACM (JACM)
How to construct pseudorandom permutations from pseudorandom functions

SIAM Journal on Computing - Special issue on cryptography
The Ω key management service

CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
On network-aware clustering of Web clients

Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
A note on the confinement problem

Communications of the ACM
Cryptography: Theory and Practice

Cryptography: Theory and Practice
The Security of Cipher Block Chaining

CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Practice-Oriented Provable-Security

ISW '97 Proceedings of the First International Workshop on Information Security
Yaksha: augmenting Kerberos with public key cryptography

SNDSS '95 Proceedings of the 1995 Symposium on Network and Distributed System Security (SNDSS'95)
Traffic data repository at the WIDE project

ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
The NLAMR network analysis infrastructure

IEEE Communications Magazine
Kerberos: an authentication service for computer networks

IEEE Communications Magazine
Survey and taxonomy of IP address lookup algorithms

IEEE Network: The Magazine of Global Internetworking

Experiences with a continuous network tracing infrastructure

Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data
Community-oriented network measurement infrastructure (CONMI) workshop report

ACM SIGCOMM Computer Communication Review
SC2D: an alternative to trace anonymization

Proceedings of the 2006 SIGCOMM workshop on Mining network data
A privacy-preserving interdomain audit framework

Proceedings of the 5th ACM workshop on Privacy in electronic society
Sanitization models and their limitations

NSPW '06 Proceedings of the 2006 workshop on New security paradigms
On web browsing privacy in anonymized NetFlows

SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Scalable Architecture for Prefix Preserving Anonymization of IP Addresses

SAMOS '08 Proceedings of the 8th international workshop on Embedded Computer Systems: Architectures, Modeling, and Simulation
The risk-utility tradeoff for IP address truncation

Proceedings of the 1st ACM workshop on Network data anonymization
Reference models for network data anonymization

Proceedings of the 1st ACM workshop on Network data anonymization
A fast and secure method for anonymizing packet traffic and call traces

ICCOM'08 Proceedings of the 12th WSEAS international conference on Communications
A framework for safely publishing communication traces

Proceedings of the 18th ACM conference on Information and knowledge management
The role of network trace anonymization under attack

ACM SIGCOMM Computer Communication Review
Visualizing host traffic through graphs

Proceedings of the Seventh International Symposium on Visualization for Cyber Security
Nimble cybersecurity incident management through visualization and defensible recommendations

Proceedings of the Seventh International Symposium on Visualization for Cyber Security
The RIPE NCC internet measurement data repository

PAM'10 Proceedings of the 11th international conference on Passive and active measurement
Relationships and data sanitization: a study in scarlet

Proceedings of the 2010 workshop on New security paradigms
AirLab: consistency, fidelity and privacy in wireless measurements

ACM SIGCOMM Computer Communication Review
On detecting abrupt changes in network entropy time series

CMS'11 Proceedings of the 12th IFIP TC 6/TC 11 international conference on Communications and multimedia security
Proposals on assessment environments for anomaly-based network intrusion detection systems

CRITIS'06 Proceedings of the First international conference on Critical Information Infrastructures Security
Anonymity and privacy in distributed early warning systems

CRITIS'10 Proceedings of the 5th international conference on Critical Information Infrastructures Security
A contextual privacy-aware access control model for network monitoring workflows: work in progress

FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security
A workflow checking approach for inherent privacy awareness in network monitoring

DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Tracking malicious hosts on a 10gbps backbone link

NordSec'10 Proceedings of the 15th Nordic conference on Information Security Technology for Applications
Anatomy of a large european IXP

Proceedings of the ACM SIGCOMM 2012 conference on Applications, technologies, architectures, and protocols for computer communication
Anatomy of a large european IXP

ACM SIGCOMM Computer Communication Review - Special october issue SIGCOMM '12
A privacy-aware access control model for distributed network monitoring

Computers and Electrical Engineering
A modular multi-location anonymized traffic monitoring tool for a WiFi network

Proceedings of the 4th ACM conference on Data and application security and privacy

Quantified Score

Hi-index	0.00

Visualization

Abstract

Real-world traffic traces are crucial for Internet research, but only a very small percentage of traces collected are made public. One major reason why traffic trace owners hesitate to make the traces publicly available is the concern that confidential and private information may be inferred from the trace. In this paper we focus on the problem of anonymizing IP addresses in a trace. More specifically, we are interested in prefix-preserving anonymization in which the prefix relationship among IP addresses is preserved in the anonymized trace, making such a trace usable in situations where prefix relationships are important. The goal of our work is two fold. First, we develop a cryptography-based, prefix-preserving anonymization technique that is provably as secure as the existing well-known TCPdpriv scheme, and unlike TCPdpriv, provides consistent prefix-preservation in large scale distributed setting. Second, we evaluate the security properties inherent in all prefix-preserving IP address anonymization schemes (including TCPdpriv). Through the analysis of Internet backbone traffic traces, we investigate the effect of some types of attacks on the security of any prefix-preserving anonymization algorithm. We also derive results for the optimum manner in which an attack should proceed, which provides a bound on the effectiveness of attacks in general.