Title:
Prefix-Preserving IP Address Anonymization: Measurement-based Security Evaluation and a New Cryptography-based Scheme
Prefix-Preserving IP Address Anonymization: Measurement-based Security Evaluation and a New Cryptography-based Scheme
Authors
Fan, Jinliang
Ammar, Mostafa H.
Moon, Sue B.
Xu, Jun
Ammar, Mostafa H.
Moon, Sue B.
Xu, Jun
Authors
Person
Advisors
Advisors
Associated Organizations
Organizational Unit
Series
Collections
Supplementary to
Permanent Link
Abstract
Real-world traffic traces are crucial for Internet research, but only a very
small percentage of traces collected are made public. One major reason why
traffic trace owners hesitate to make the traces publicly available is the
concern that confidential and private information may be inferred from the
trace. In this paper we focus on the problem of anonymizing IP addresses in
a trace. More specifically, we are interested in prefix-preserving anonymization in
which the prefix relationship among IP addresses is preserved in the
anonymized trace, making such a trace usable in situations where prefix
relationships are important. The goal of our work is two fold. First, we develop a cryptography-based, prefix-preserving
anonymization technique that is provably as secure as the existing well-known
TCPdpriv scheme, and unlike TCPdpriv, provides consistent prefix-preservation
in large scale distributed setting. Second, we evaluate
the security properties inherent in all prefix-preserving IP address
anonymization schemes (including TCPdpriv). Through the analysis of
Internet backbone traffic traces, we investigate the effect of some types of
attacks on the security of any prefix-preserving anonymization algorithm.
We also derive results for the optimum manner in which an attack should
proceed, which provides a bound on the effectiveness of attacks in general.
Sponsor
Date Issued
2002
Extent
721483 bytes
Resource Type
Text
Resource Subtype
Technical Report