MetaCart Sign in to MyCiteSeerX

Include Citations | Advanced Search | Help

Disambiguated Search | Include Citations | Advanced Search | Help

Prefix-Preserving IP Address Anonymization: Measurement-based Security Evaluation and a New Cryptography-based Scheme (2002) [46 citations — 0 self]

Abstract:

Real-world traffic traces are crucial for Internet research, but only a very small percentage of traces collected are made public. One major reason why traffic trace owners hesitate to make the traces publicly available is the concern that confidential and private information may be inferred from the trace. In this paper we focus on the problem of anonymizing IP addresses in a trace. More specifically, we are interested in prefix-preserving anonymization in which the prefix relationship among IP addresses is preserved in the anonymized trace, making such a trace usable in situations where prefix relationships are important. The goal of our work is two fold. First, we develop a cryptographybased, prefix-preserving anonymization technique that is provably as secure as the existing well-known TCPdpriv scheme, and unlike TCPdpriv, provides consistent prefix-preservation in large scale distributed setting. Second, we evaluate the security properties inherent in all prefix-preserving IP address anonymization schemes (including TCPdpriv). Through the analysis of Internet backbone traffic traces, we investigate the effect of some types of attacks on the security of any prefix-preserving anonymization algorithm. We also derive results for the optimum manner in which an attack should proceed, which provides a bound on the effectiveness of attacks in general.

Citations

483 How to construct random functions – GOLDREICH, GOLDWASSER, et al. - 1986
463 Cryptography: Theory and Practice – Stinson - 2002
269 A Note on the Confinement Problem – Lampson - 1973
206 How to construct pseudorandom permutations from pseudorandom functions – Luby, Rackoff - 1988
178 On Network-Aware Clustering of Web Clients – Krishnamurthy, Wang - 2000
131 The Security of Cipher Block Chaining – Bellare, Kilian, et al. - 1994
65 Aes proposal: Rijndael – Daemen, Rijmen - 1999
63 Theory and applications of trapdoor functions (extended abstract – Yao - 1982
48 The NLANR network analysis infrastructure – McGregor, Braun, et al. - 2000
48 the Open Source Network Intrusion Detection System http://www. snort.org – Snort
39 Survey and taxonomy of IP address lookup algorithms – Sanchez, Biersack, et al.
28 The Omega Key Management Service – Reiter, Franklin, et al. - 1996
25 Practice-oriented provable-security – Bellare - 1998
20 Yaksha: Augmenting Kerberos with Public Key Cryptography – Ganesan - 1995
10 Traffic data repository at the wide project – Cho, Mitsuya, et al. - 2000
3 TCPdpriv Command Manual – Minshall - 1996
3 Lecture notes on cryptography. available online from http://wwwcse.ucsd.edu/users/mihir/papers/gb.html – Goldwasser, Bellare
3 Thoughts on how to mount an attack on tpcpdriv’s ”-a50” option ... In TCPpdpriv source distribution – Ylonen - 1996
2 An authentication service for computer networks, from IEEE communications magazine – Neuman, Kerberos - 1994
1 Thoughts on how to mount an attack on tpcpdriv's "-a50" option ... In TCPpdpriv source distribution – Ylonen - 1996
1 sdc-964451101.tstamp+plen+destip’ included with NLANR network traffic packet header traces – File - 2000
View or Download | Add to My Collection | Correct Errors