论文信息 - On the design and performance of prefix-preserving IP traffic trace anonymization

On the design and performance of prefix-preserving IP traffic trace anonymization

Even though real-world Internet traffic traces are crucial for network research, only a tiny percentage of traffic traces collected are made public. One major reason why traffic trace owners hesitate to make the traces publicly available is the concern that the confidential and private information may be inferred from the trace. In this paper we focus on the problem of anonymizing IP addresses in a trace. More specifically, we are interested in prefixpreserving anonymization in which the prefix relationship among IP addresses is preserved in the anonymized trace, making such a trace usable in situations where such prefix relationships are important. The goal of our work is two fold. First, we are interested in analyzing the security properties inherent in prefix-preserving IP address anonymization. Through the analysis of IP traffic traces, we investigate the effect of some types of attacks on the security of the prefix-preserving anonymization process. We also derive results for the optimum manner in which an attack should proceed which provides a bound on the performance of attacks in general. Second, we observe that an existing scheme used for prefix-preserving anonymization, TCPdpriv, has some drawbacks that limit its use in a large-scale, distributed setting. We develop an alternative cryptography-based, prefixpreserving anonymization technique to address these drawbacks while maintaining the same level of anonymity as TCPdpriv.

[1] Andrew Chi-Chih Yao,et al. Theory and Applications of Trapdoor Functions (Extended Abstract) , 1982, FOCS.

[2] Ronald L. Rivest,et al. The MD5 Message-Digest Algorithm , 1992, RFC.

[3] Mihir Bellare,et al. Lecture Notes on Cryptography , 2001 .

[4] Joseph D. Touch,et al. Performance analysis of MD5 , 1995, SIGCOMM '95.

[5] Hugo Krawczyk,et al. HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.

[6] Ueli Maurer. A Simplified and Generalized Treatment of Luby-Rackoff Pseudorandom Permutation Generator , 1992, EUROCRYPT.

[7] Douglas R. Stinson,et al. Cryptography: Theory and Practice , 1995 .

[8] Balachander Krishnamurthy,et al. On network-aware clustering of Web clients , 2000, SIGCOMM.

[9] Akira Kato,et al. Traffic Data Repository at the WIDE Project , 2000, USENIX Annual Technical Conference, FREENIX Track.

[10] Alfred Menezes,et al. Handbook of Applied Cryptography , 2018 .

[11] Mihir Bellare,et al. Practice-Oriented Provable-Security , 1997, ISW.