skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Anonymization of Network Traces Data through Condensation-based Differential Privacy

Journal Article · · Digital Threats: Research and Practice
DOI:https://doi.org/10.1145/3425401· OSTI ID:1836674
ORCiD logo [1];  [2];  [2];  [2];  [2]
  1. Yarmouk University, Irbid (Jordan); Univ. of Maryland Baltimore County (UMBC), Baltimore, MD (United States)
  2. Univ. of Maryland Baltimore County (UMBC), Baltimore, MD (United States)
+ Show Author Affiliations

Network traces are considered a primary source of information to researchers, who use them to investigate research problems such as identifying user behavior, analyzing network hierarchy, maintaining network security, classifying packet flows, and much more. However, most organizations are reluctant to share their data with a third party or the public due to privacy concerns. Therefore, data anonymization prior to sharing becomes a convenient solution to both organizations and researchers. Although several anonymization algorithms are available, few of them allow sufficient privacy (organization need), acceptable data utility (researcher need), and efficient data analysis at the same time. This article introduces a condensation-based differential privacy anonymization approach that achieves an improved tradeoff between privacy and utility compared to existing techniques and produces anonymized network trace data that can be shared publicly without lowering its utility value. Our solution also does not incur extra computation overhead for the data analyzer. A prototype system has been implemented, and experiments have shown that the proposed approach preserves privacy and allows data analysis without revealing the original data even when injection attacks are launched against it. When anonymized datasets are given as input to graph-based intrusion detection techniques, they yield almost identical intrusion detection rates as the original datasets with only a negligible impact.

Research Organization:
Anonitech, LLC, Ellicott City, MD (United States)
Sponsoring Organization:
USDOE Office of Science (SC)
Grant/Contract Number:
SC0021525
OSTI ID:
1836674
Journal Information:
Digital Threats: Research and Practice, Vol. 2, Issue 4; ISSN 2692-1626
Publisher:
Association for Computing Machinery (ACM)Copyright Statement
Country of Publication:
United States
Language:
English

References (10)

k-ANONYMITY: A MODEL FOR PROTECTING PRIVACY journal October 2002
Deep packet anonymization conference January 2009
Ordinal, Continuous and Heterogeneous k-Anonymity Through Microaggregation journal August 2005
Prefix-preserving IP address anonymization: measurement-based security evaluation and a new cryptography-based scheme journal October 2004
L -diversity: Privacy beyond k -anonymity journal March 2007
Privacy-preserving network flow recording journal August 2011
The devil and packet trace anonymization journal January 2006
The role of network trace anonymization under attack journal January 2010
PktAnon – A Generic Framework for Profile-based Traffic Anonymization journal January 2008
A Practical Attack to De-anonymize Social Network Users conference January 2010

Similar Records

Mitigate: An Adaptive Network Data Anonymization Tool Using Condensation-Based Differential Privacy
Technical Report · Mon Mar 14 00:00:00 EDT 2022 · OSTI ID:1836674
Distributed Energy Resource Management Systems: Preserving Customer Privacy through K-Anonymity
Conference · Sun Jul 16 00:00:00 EDT 2023 · 2023 IEEE Power & Energy Society General Meeting (PESGM) · OSTI ID:1836674
+1 more
Privacy Vulnerability of Published Anonymous Mobility Traces
Journal Article · Sat Jun 01 00:00:00 EDT 2013 · IEEE/ACM Transactions on Networking · OSTI ID:1836674
+1 more

Related Subjects

97 MATHEMATICS AND COMPUTING
Data Injection attacks
information security
netflow
intrusion detection
semantic link network
differential privacy
trace anonymization
Privacy-preserving protocols
Intrusion detection systems