Skip to main content
SpringerLink
Log in

De-anonymous and Anonymous Technologies for Network Traffic Release

  • Conference paper
  • First Online:
Applications and Techniques in Information Security (ATIS 2017)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 719))

  • 1256 Accesses

Abstract

With the rapid growth of data, the network traffic data is of great significance for the research and analysis. Through research and real events, anonymous network traffic is susceptible to de-anonymity attacks. Therefore, the release of network traffic need to consider the existence of de-anonymization attacks, and balance the privacy and utility of data. On the one hand, we summarize the anonymous technologies of network traffic, list some traffic anonymity methods. on the other hand, we analyze the anonymous strategy of network flow against de-anonymous attacks. Based on the research on de-anonymization attacks, this paper divides the de-anonymization method into three categories from the dimension of inferring attack object: restoring the network topology graph, inferring the host behavior, inferring the node and edge information. Specifically, we analyze the implementation methods of these three types of de-anonymization attacks respectively. In connection with the network traces anonymity method, we analyze the confrontation strategy of the above de-anonymity attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. CAIDA traces dataset. http://www.caida.org/home

  2. DeepSight. http://enterprisesecurity.symantec.com/products/products.cfm?ProductID=158&EID=0

  3. DShield.org. http://www.dshield.org

  4. Packetlife repository. http://www.packetlife.net/captures

  5. PCAPR collaborative network forensics. http://www.pcapr.net/forensics

  6. Shiravi, A., Shiravi, H., Tavallaee, M., et al.: Toward developing a systematic approach to generate benchmark datasets for intrusion detection. Comput. Secur. 31(3), 357–374 (2012)

    Article  Google Scholar 

  7. Lin, Y.D., Lin, P.C., Wang, S.H., et al.: PCAPLib: a system of extracting, classifying, and anonymizing real packet traces. IEEE Syst. J. 1–12 (2014)

    Google Scholar 

  8. Riboni, D., Villani, A., Vitali, D., et al.: Obfuscation of sensitive data in network flows. In: IEEE INFOCOM, pp. 2372–2380. IEEE (2012)

    Google Scholar 

  9. Riboni, D., Villani, A., Vitali, D., et al.: Obfuscation of sensitive data for incremental release of network flows. IEEE/ACM Trans. Netw. 23(2), 672–686 (2015)

    Article  Google Scholar 

  10. Xu, J., Fan, J., Ammar, M., et al.: On the design and performance of prefix-preserving IP traffic trace anonymization. In: Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement, pp, 263–266. ACM (2001)

    Google Scholar 

  11. Xu, J., Fan, J., Ammar, M.H., et al.: Prefix-preserving IP address anonymization: measurement-based security evaluation and a new cryptography-based scheme. In: IEEE International Conference on Network Protocols, Proceedings, pp. 280–289. IEEE (2002)

    Google Scholar 

  12. Minshall, G.: Tcpdpriv: program for eliminating confidential information from traces (2005)

    Google Scholar 

  13. Pang, R., Paxson, V.: A high-level programming environment for packet trace anonymization and transformation, pp. 339–351 (2003)

    Google Scholar 

  14. Sperotto, A., Schaffrath, G., Sadre, R., et al.: An overview of IP flow-based intrusion detection. IEEE Commun. Surv. Tutor. 12(3), 343–356 (2010)

    Article  Google Scholar 

  15. Mendonca, M., Seetharaman, S., Obraczka, K.: A flexible in-network IP anonymization service. In: IEEE International Conference on Communications. IEEE (2012)

    Google Scholar 

  16. Jeon, S., Yun, J.H., Kim, W.N.: Obfuscation of critical infrastructure network traffic using fake communication. In: International Conference on Critical Information Infrastructures Security (2014)

    Google Scholar 

  17. Lin, T.: Anonym: a tool for anonymization of the internet traffic. In: IEEE International Conference on Cybernetics, pp. 261–266 (2013)

    Google Scholar 

  18. Yurcik, W., Woolam, C., Hellings, G., et al.: SCRUB-tcpdump: a multi-level packet anonymizer demonstrating privacy/analysis tradeoffs. In: International Conference on Security and Privacy in Communications Networks and the Workshops (SECURECOMM 2007), pp. 49–56. IEEE (2007)

    Google Scholar 

  19. Stanek, J., Kencl, L., Kuthan, J.: Analyzing anomalies in anonymized SIP traffic. In: Networking Conference, pp. 1–9. IEEE (2014)

    Google Scholar 

  20. Gattani, S., Daniels, T.E.: Reference models for network data anonymization. In: ACM Conference on Computer and Communications Security, pp. 41–48 (2008)

    Google Scholar 

  21. King, J., Lakkaraju, K., Slagell, A.: A taxonomy and adversarial model for attacks against network log anonymization. In: Proceedings of ACM SAC, pp. 1286–1293. ACM (2009)

    Google Scholar 

  22. Xu, K., Zhang, Z.L., Bhattacharyya, S.: Profiling internet backbone traffic: behavior models and applications. ACM SIGCOMM Comput. Commun. Rev. 35(4), 169–180 (2005)

    Article  Google Scholar 

  23. Coull, S.E., Wright, C.V., Monrose, F., et al.: Playing devil’s advocate: inferring sensitive information from anonymized network traces. In: Network and Distributed System Security Symposium (NDSS 2007), San Diego, California, USA, pp. 35–47, March 2007

    Google Scholar 

  24. Burkhart, M., Schatzmann, D., Trammell, B., et al.: The role of network trace anonymization under attack. ACM SIGCOMM Comput. Commun. Rev. 40(1), 5–11 (2010)

    Article  Google Scholar 

  25. Ribeiro, B.F., Chen, W., Miklau, G., et al.: Analyzing privacy in enterprise packet trace anonymization. In: Network and Distributed System Security Symposium (NDSS 2008), San Diego, California, USA, February 2008

    Google Scholar 

  26. Foukarakis, M., Antoniades, D., Polychronakis, M.: Deep packet anonymization, pp. 16–21 (2009)

    Google Scholar 

  27. Koukis, D., Antonatos, S., Antoniades, D., et al.: A generic anonymization framework for network traffic, vol. 5, pp. 2302–2309 (2006)

    Google Scholar 

  28. Kohno, T., Broido, A., Claffy, K.C.: Remote physical device fingerprinting. In: IEEE Symposium on Security and Privacy, pp. 211–225. IEEE Computer Society (2005)

    Google Scholar 

  29. Paul, R.R., Valgenti, V.C., Min, S.K.: Real-time netshuffle: graph distortion for on-line anonymization. In: IEEE International Conference on Network Protocols (ICNP 2011), Vancouver, BC, Canada, pp. 133–134 (2011)

    Google Scholar 

  30. Qardaji, W., Li, N.: Anonymizing network traces with temporal pseudonym consistency, pp. 622–633 (2012)

    Google Scholar 

  31. Valgenti, V.C., Paul, R.R., Min, S.K.: Netshuffle: improving traffic trace anonymization through graph distortion. In: IEEE International Conference on Communications, pp. 1–6. IEEE (2011)

    Google Scholar 

Download references

Acknowledgments

This work was supported by National Key R&D Program 2016 (Grant No. 2016YFB081304).

Author information

Authors and Affiliations

  1. University of Chinese Academy of Sciences, Beijing, China

    Xiang Tian

  2. National Engineering Laboratory for Information Security Technologies, Beijing, China

    Xiang Tian, Yujia Zhu, Yong Sun & Qingyun Liu

  3. Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China

    Xiang Tian, Yujia Zhu, Yong Sun & Qingyun Liu

  4. National Computer Network Emergency Response and Coordination Center, Beijing, China

    Yu Wang

Authors
  1. Xiang Tian
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yu Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yujia Zhu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yong Sun
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Qingyun Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yu Wang .

Editor information

Editors and Affiliations

  1. School of Information Technology, Deakin University, Geelong, Victoria, Australia

    Lynn Batten

  2. University of Canterbury, Christchurch, New Zealand

    Dong Seong Kim

  3. The University of Auckland, Auckland, New Zealand

    Xuyun Zhang

  4. Deakin University, Geelong, Victoria, Australia

    Gang Li

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Tian, X., Wang, Y., Zhu, Y., Sun, Y., Liu, Q. (2017). De-anonymous and Anonymous Technologies for Network Traffic Release. In: Batten, L., Kim, D., Zhang, X., Li, G. (eds) Applications and Techniques in Information Security. ATIS 2017. Communications in Computer and Information Science, vol 719. Springer, Singapore. https://doi.org/10.1007/978-981-10-5421-1_16

Download citation

  • DOI: https://doi.org/10.1007/978-981-10-5421-1_16

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-5420-4

  • Online ISBN: 978-981-10-5421-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation