ONTAS: Flexible and Scalable Online Network Traffic Anonymization System

Access to packet traces is required not only to detect and diagnose various network issues related to performance and security, but also to train intelligent learning models enabling networks that can run themselves. However, packets in a network carry a lot of information which can be used to personally identify users and their online behavior. This requires network operators to anonymize packet traces before sharing them with other researchers and analysts. Existing tools anonymize packet traces in an offline manner, which incurs significant computational, storage, and memory overhead---limiting their ability to scale as the volume of the collected packet trace increases. In this paper, we present the design and implementation of an Online Network Traffic Anonymization System, ONTAS, which can flexibly anonymize packet traces in the data plane itself using modern PISA-based programmable switches.
