DOI: 10.1145/3341216.3342208
Research article

ONTAS: Flexible and Scalable Online Network Traffic Anonymization System

Published: 14 August 2019

Abstract

Access to packet traces is required not only to detect and diagnose network issues related to performance and security, but also to train the learning models that enable networks to run themselves. However, packets carry a lot of information that can be used to personally identify users and their online behavior, so network operators must anonymize packet traces before sharing them with other researchers and analysts. Existing tools anonymize packet traces offline, which incurs significant computational, storage, and memory overhead and limits their ability to scale as the volume of collected packet traces grows. In this paper, we present the design and implementation of an Online Network Traffic Anonymization System, ONTAS, which can flexibly anonymize packet traces in the data plane itself using modern PISA-based programmable switches.

Supplementary Material

MP4 File (p15-kim.mp4)


Cited By

  • An open-source P416 compiler backend for reconfigurable match-action table switches: Making networking innovation accessible. Computer Networks, 242:110246, April 2024. doi:10.1016/j.comnet.2024.110246
  • P4Tune: Enabling Programmability in Non-Programmable Networks. IEEE Communications Magazine, 61(6):132–138, June 2023. doi:10.1109/MCOM.001.2200287
  • Empowering Network Security With Programmable Switches: A Comprehensive Survey. IEEE Communications Surveys & Tutorials, 25(3):1653–1704, 2023 (online November 2024). doi:10.1109/COMST.2023.3265984
  • AI-Driven Packet Forwarding With Programmable Data Plane: A Survey. IEEE Communications Surveys & Tutorials, 25(1):762–790, 2023 (online September 2024). doi:10.1109/COMST.2022.3217613
  • A survey on network simulators, emulators, and testbeds used for research and education. Computer Networks, 237:110054, December 2023. doi:10.1016/j.comnet.2023.110054
  • Implementing ChaCha based crypto primitives on programmable SmartNICs. Proceedings of the ACM SIGCOMM Workshop on Formal Foundations and Security of Programmable Network Infrastructures, pages 15–23, 22 August 2022. doi:10.1145/3528082.3544833
  • Enabling passive measurement of zoom performance in production networks. Proceedings of the 22nd ACM Internet Measurement Conference, pages 244–260, 25 October 2022. doi:10.1145/3517745.3561414
  • Open Source Compiling for V1Model RMT Switch: Making Data Center Networking Innovation Accessible. 2022 IEEE/ACM 15th International Conference on Utility and Cloud Computing (UCC), pages 133–138, December 2022. doi:10.1109/UCC56403.2022.00024
  • Connectivity Preserving Anonymization of Smart Grid Network Configurations. 2022 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm), pages 245–251, 25 October 2022. doi:10.1109/SmartGridComm52983.2022.9961050
  • Network Traffic as a Federated Testbed Service. 2022 IEEE Future Networks World Forum (FNWF), pages 450–455, October 2022. doi:10.1109/FNWF55208.2022.00086


Published In

NetAI'19: Proceedings of the 2019 Workshop on Network Meets AI & ML
August 2019
96 pages
ISBN: 9781450368728
DOI: 10.1145/3341216

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery, New York, NY, United States

Author Tags

  1. Anonymization
  2. P4
  3. PISA
  4. Programmable switches

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Conference

SIGCOMM '19: ACM SIGCOMM 2019 Conference
August 23, 2019
Beijing, China

Acceptance Rates

NetAI'19 paper acceptance rate: 13 of 38 submissions, 34%
Overall acceptance rate: 13 of 38 submissions, 34%

Article Metrics

  • Downloads (last 12 months): 41
  • Downloads (last 6 weeks): 8

Reflects downloads up to 01 Mar 2025
