Reference models for network data anonymization
Source
Conference on Computer and Communications Security
Proceedings of the 1st ACM workshop on Network data anonymization
Alexandria, Virginia, USA
SESSION: Anonymization techniques and metrics
Pages 41-48
Year of Publication: 2008
ISBN: 978-1-60558-301-3
Bibliometrics
Downloads (6 Weeks): 13, Downloads (12 Months): 174, Citation Count: 0
ABSTRACT
Network security research can benefit greatly from testing environments that are capable of generating realistic, repeatable and configurable background traffic. In order to conduct network security experiments, researchers require isolated testbeds capable of recreating actual network environments, complete with infrastructure and traffic details. Unfortunately, due to privacy and flexibility concerns, actual network traffic is rarely shared by organizations. Trace data anonymization is one solution to this problem. The research community has responded to this sanitization problem with anonymization tools that aim to remove sensitive information from network traces, and attacks on anonymized traces that aim to evaluate the efficacy of the anonymization schemes. However, there is a continued lack of a comprehensive model that distills all elements of the sanitization problem into a functional reference model. In this paper we offer such a comprehensive functional reference model that identifies and binds together all the entities required to formulate the problem of network data anonymization. We also build a new information flow model that illustrates the overly optimistic nature of inference attacks on anonymized traces. We also provide a probabilistic interpretation of the information model and develop a privacy metric for anonymized traces.