skip to main content
research-article
Public Access

A Multi-view Approach to Preserve Privacy and Utility in Network Trace Anonymization

Published:09 February 2021Publication History
Skip Abstract Section

Abstract

As network security monitoring grows more sophisticated, there is an increasing need for outsourcing such tasks to third-party analysts. However, organizations are usually reluctant to share their network traces due to privacy concerns over sensitive information, e.g., network and system configuration, which may potentially be exploited for attacks. In cases where data owners are convinced to share their network traces, the data are typically subjected to certain anonymization techniques, e.g., CryptoPAn, which replaces real IP addresses with prefix-preserving pseudonyms. However, most such techniques either are vulnerable to adversaries with prior knowledge about some network flows in the traces or require heavy data sanitization or perturbation, which may result in a significant loss of data utility. In this article, we aim to preserve both privacy and utility through shifting the trade-off from between privacy and utility to between privacy and computational cost. The key idea is for the analysts to generate and analyze multiple anonymized views of the original network traces: Those views are designed to be sufficiently indistinguishable even to adversaries armed with prior knowledge, which preserves the privacy, whereas one of the views will yield true analysis results privately retrieved by the data owner, which preserves the utility. We formally analyze the privacy of our solution and experimentally evaluate it using real network traces provided by a major ISP. The experimental results show that our approach can significantly reduce the level of information leakage (e.g., less than 1% of the information leaked by CryptoPAn) with comparable utility.

References

  1. Michalis Foukarakis, Demetres Antoniades, Spiros Antonatos, and Evangelos P. Markatos. 2007. Flexible and high-performance anonymization of NetFlow records using anontool. In Proceedings of the 3rd International Conference on Security and Privacy in Communications Networks and the Workshops (SecureComm’07). IEEE, 33--38.Google ScholarGoogle Scholar
  2. David Moore, Ken Keys, Ryan Koga, Edouard Lagache, and K. C. Claffy. 2001. The CoralReef software suite as a tool for system and network administrators. In Proceedings of the 15th USENIX Conference on System Administration (LISA’01). USENIX Association, Berkeley, CA, 133--144.Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Yifan Li, Adam Slagell, Katherine Luo, and William Yurcik. 2005. CANINE: A combined conversion and anonymization tool for processing net flows for security. In Proceedings of Tenth International Conference on Telecommunication Systems.Google ScholarGoogle Scholar
  4. Jani Hautakorpi and Gonzalo Camarillo Gonzalez. IP Address Distribution in Middleboxes. U.S. Patent Application No. 12/518,452.Google ScholarGoogle Scholar
  5. Meisam Mohammady, Lingyu Wang, Yuan Hong, Habib Louafi, Makan Pourzandi, and Mourad Debbabi. 2018. Preserving both privacy and utility in network trace anonymization. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS’18). ACM, New York, NY, 459--474. DOI:https://doi.org/10.1145/3243734.3243809Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. Wen Ding, William Yurcik, and Xiaoxin Yin. 2005. Outsourcing internet security: Economic analysis of incentives for managed security service providers. In Proceedings of the International Workshop on Internet and Network Economics. Springer, Berlin, 947--958.Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. Daniele Riboni, Antonio Villani, Domenico Vitali, Claudio Bettini, and Luigi V. Mancini. 2012. Obfuscation of sensitive data in network flows. In Proceedings of the IEEE International Conference on Computer Communications (INFOCOM’12). IEEE, 2372--2380.Google ScholarGoogle Scholar
  8. Jun Xu, Jinliang Fan, Mostafa H. Ammar, and Sue B. Moon. 2002. Prefix-preserving ip address anonymization: Measurement-based security evaluation and a new cryptography-based scheme. In Proceedings of the 10th IEEE International Conference on Network Protocols. IEEE, 280--289.Google ScholarGoogle Scholar
  9. T. Brekne, A. Årnes, and A. Øslebø. 2005. Anonymization of ip traffic monitoring data: Attacks on two prefix-preserving anonymization schemes and some proposed remedies. In Proceedings of the International Workshop on Privacy Enhancing Technologies. Springer, Berlin, 179--196.Google ScholarGoogle Scholar
  10. Adam J. Slagell, Yifan Li, and Katherine Luo. 2005. Sharing network logs for computer forensics: A new tool for the anonymization of netflow records. In Proceedings of the Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks. IEEE, 37--42.Google ScholarGoogle ScholarCross RefCross Ref
  11. Morris Dworkin. Recommendation for block cipher modes of operation: Methods for format-preserving encryption. NIST Special Publication 800 (2016): 38G.Google ScholarGoogle Scholar
  12. Tianqing Zhu, Gang Li, Wanlei Zhou, and S. Yu Philip. 2017. Differentially private data publishing and analysis: A survey. IEEE Trans. Knowl. Data Eng. 29 8 (2017), 1619--1638.Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. Tønnes Brekne and André Årnes. 2005. Circumventing IP-address pseudonymization. In Communications and Computer Networks. 43--48.Google ScholarGoogle Scholar
  14. Ting-Fang Yen, Xin Huang, Fabian Monrose, and Michael K. Reiter. 2009. Browser fingerprinting from coarse traffic summaries: Techniques and implications. In Proceedings of the International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. Springer, Berlin, 157--175.Google ScholarGoogle Scholar
  15. Martin Burkhart, Daniela Brauckhoff, Martin May, and Elisa Boschi. 2008. The risk-utility tradeoff for IP address truncation. In Proceedings of the 1st ACM workshop on Network data anonymization. ACM, 23--30.Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. Ruoming Pang, Mark Allman, Vern Paxson, and Jason Lee. 2006. The devil and packet trace anonymization. SIGCOMM Comput. Commun. Rev. 36, 1 (January 2006), 29--38. DOI:https://doi.org/10.1145/1111322.1111330Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. Scott E. Coull, Michael P. Collins, Charles V. Wright, Fabian Monrose, and Michael K. Reiter. 2007. On web browsing privacy in anonymized NetFlows. In Proceedings of the Conference on USENIX Security.Google ScholarGoogle Scholar
  18. Wai Kit Wong, David W. Cheung, Edward Hung, Ben Kao, and Nikos Mamoulis. 2007. Security in outsourcing of association rule mining. In Proceedings of the 33rd International Conference on Very Large Data Bases. VLDB Endowment, 111--122.Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. Dimitris Koukis, Spyros Antonatos, Demetres Antoniades, Evangelos P. Markatos, and Panagiotis Trimintzios. 2006. A generic anonymization framework for network traffic. In Proceedings of the IEEE International Conference on Communications. IEEE, 5, 2302--2309.Google ScholarGoogle ScholarCross RefCross Ref
  20. Ed Ferrara, Christopher McClean, and Michael Caputo. 2014. The Forrester Wave: Managed security services: North America, q4. Forrester Research.Google ScholarGoogle Scholar
  21. Chih-Hua Tai, Philip S. Yu, and Ming-Syan Chen. 2010. k-Support anonymity based on pseudo taxonomy for outsourcing of frequent itemset mining. In Proceedings of the 16th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM, 473--482.Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. Greg Minshall. Tcpdpriv. Retrieved from http://ita. ee. lbl. gov/html/contrib/tcpdpriv. html.Google ScholarGoogle Scholar
  23. Universita degli Studi di Brescia. 2009. tcpanon. Retrieved from http://netweb.ing.unibs.it/ tools/tcpanon/index.php.Google ScholarGoogle Scholar
  24. Yurcik, William, Clay Woolam, Greg Hellings, Latifur Khan, and Bhavani Thuraisingham. 2007. Scrub-tcpdump: A multi-level packet anonymizer demonstrating privacy/analysis tradeoffs. In Proceedings of the 3rd International Conference on Security and Privacy in Communications Networks and the Workshops (SecureComm’07). IEEE, 49--56.Google ScholarGoogle Scholar
  25. Peter Haag. 2005. Watch your Flows with NfSen and NFDUMP. In Proceedings of the 50th RIPE Meeting.Google ScholarGoogle Scholar
  26. Jelena Mirkovic. 2008. Privacy-safe network trace sharing via secure queries. In Proceedings of the 1st ACM Workshop on Network Data Anonymization (NDA’08). ACM, New York, NY, 3--10. DOI:https://doi.org/10.1145/1456441.1456445Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. Niels Van Dijkhuizen and Jeroen Van Der Ham. 2018. A survey of network traffic anonymisation techniques and implementations. ACM Comput. Surv. 51, 3, Article 52 (May 2018), 27 pages. DOI:https://doi.org/10.1145/3182660.Google ScholarGoogle Scholar
  28. Matt Roughan. 2006. Public review for the devil and packet trace anonymization. SIGCOMM Comput. Commun. Rev. 36, 1 (Jan. 2006), 27--28. DOI:http://dx.doi.org/10.1145/1111322.1111329Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. Adam J. Slagell, Kiran Lakkaraju, and Katherine Luo. 2006. FLAIM: A multi-level anonymization framework for computer and network logs. In Proceedings of the Large Installation System Administration Conference (LISA’06). 3--8.Google ScholarGoogle Scholar
  30. Michael Foukarakis, Demetres Antoniades, and Michalis Polychronakis. 2009. Deep packet anonymization. In Proceedings of the 2nd European Workshop on System Security. ACM, 16--21.Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. Martin Burkhart, Dominik Schatzmann, Brian Trammell, Elisa Boschi, and Bernhard Plattner. 2010. The role of network trace anonymization under attack. ACM SIGCOMM Comput. Commun. Rev. 40, 1 (2010), 5--11.Google ScholarGoogle ScholarDigital LibraryDigital Library
  32. Jeffrey C. Mogul, and Martin Arlitt. 2006. Sc2d: An alternative to trace anonymization. In Proceedings of the SIGCOMM Workshop on Mining Network Data. ACM, 323--328.Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. Florian Kerschbaum. 2015. Frequency-hiding order-preserving encryption. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS’15). ACM, New York, NY, 656--667. DOI:https://doi.org/10.1145/2810103.2813629Google ScholarGoogle ScholarDigital LibraryDigital Library
  34. Dongxi Liu and Shenlu Wang. 2013. Nonlinear order preserving index for encrypted database query in service cloud environments. Concurr. Comput.: Pract. Exper. 25, 13 (2013), 1967--1984.Google ScholarGoogle ScholarCross RefCross Ref
  35. Prateek Mittal, Vern Paxson, Robin Sommer, and Mark Winterrowd. 2009. Securing mediated trace access using black-box permutation analysis. In Proceedings of the ACM Workshop on Hot Topics in Networks (HotNets’09).Google ScholarGoogle Scholar
  36. Frank McSherry and Ratul Mahajan. 2010. Differentially private network trace analysis. In ACM SIGCOMM Computer Communication Review, 40, 4 (2010), 123--134.Google ScholarGoogle ScholarDigital LibraryDigital Library
  37. Kato Mivule and Blake Anderson. 2015. A study of usability-aware network trace anonymization. In Proceedings of the Science and Information Conference (SAI’15). IEEE, 1293--1304.Google ScholarGoogle ScholarCross RefCross Ref
  38. Tanjila Farah and Ljiljana Trajković. 2013. Anonym: A tool for anonymization of the Internet traffic. In Proceedings of the IEEE International Conference on Cybernetics (CYBCO’13). IEEE, 261--266.Google ScholarGoogle ScholarCross RefCross Ref
  39. Travis Mayberry, Erik-Oliver Blass, and Agnes Hui Chan. 2014. Efficient private file retrieval by combining ORAM and PIR. In Proceedings of the Network and Distributed System Security Symposium (NDSS’14).Google ScholarGoogle ScholarCross RefCross Ref
  40. Adam J. Slagell, Kiran Lakkaraju, and Katherine Luo. 2006. FLAIM: A multi-level anonymization framework for computer and network logs. In Proceedings of the Large Installation System Administration Conference (LISA’06). 3--8.Google ScholarGoogle Scholar
  41. Jun Xu, Jinliang Fan, Mostafa H. Ammar, and Sue B. Moon. 2002. Prefix-preserving ip address anonymization: Measurement-based security evaluation and a new cryptography-based scheme. In Proceedings of the 10th IEEE International Conference on Network Protocols. IEEE, 280--289.Google ScholarGoogle Scholar
  42. Xiao Shaun Wang, Yan Huang, T. H. Hubert Chan, Abhi Shelat, and Elaine Shi. 2014. SCORAM: Oblivious RAM for secure computation. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. ACM, 191--202.Google ScholarGoogle ScholarDigital LibraryDigital Library
  43. William Yurcik, Clay Woolam, Greg Hellings, Latifur Khan, and Bhavani Thuraisingham. 2008. Measuring anonymization privacy/analysis tradeoffs inherent to sharing network data. In Proceedings of the IEEE Network Operations and Management Symposium (NOMS’08). IEEE, 991--994.Google ScholarGoogle ScholarCross RefCross Ref
  44. Shantanu Gattani and Thomas E. Daniels. 2008. Reference models for network data anonymization. In Proceedings of the 1st ACM Workshop on Network Data Anonymization. ACM, 41--48.Google ScholarGoogle Scholar
  45. Zach Jorgensen, Ting Yu, and Graham Cormode. 2015. Conservative or liberal? Personalized differential privacy. In Proceedings of the IEEE 31St International Conference on Data Engineering. IEEE, 1023--1034.Google ScholarGoogle ScholarCross RefCross Ref
  46. Ninghui Li, Wahbeh Qardaji, and Dong Su. 2012. On sampling, anonymization, and differential privacy or, k-anonymization meets differential privacy. In Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security (ASIACCS’12). ACM, New York, NY, 32--33.Google ScholarGoogle ScholarDigital LibraryDigital Library
  47. Ninghui Li, Wahbeh Qardaji, and Dong Su. 2011. Provably private data anonymization: Or, k-anonymity meets differential privacy. CoRR. abs/1101.2604.Google ScholarGoogle Scholar
  48. Ruoming Pang and Vern Paxson. 2003. A high-level programming environment for packet trace anonymization and transformation. In Proceedings of the Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications (SIGCOMM’03). ACM, New York, NY, 339--351. DOI:https://doi.org/10.1145/863955.863994Google ScholarGoogle ScholarDigital LibraryDigital Library
  49. Johannes Gehrke, Michael Hay, Edward Lui, and Rafael Pass. 2012. Crowd-blending privacy. In Proceedings of the Annual Cryptology Conference. Springer, Berlin, 479--496.Google ScholarGoogle ScholarDigital LibraryDigital Library
  50. Raffael Bild, Klaus A. Kuhn, and Fabian Prasser. 2018. Safepub: A truthful data anonymization algorithm with strong privacy guarantees. Proc. Privacy Enhanc. Technol. 1 (2018), 67--87.Google ScholarGoogle ScholarCross RefCross Ref
  51. Liyue Fan and Hongxia Jin. 2015. A practical framework for privacy-preserving data analytics. In Proceedings of the 24th International Conference on World Wide Web (WWW’15). 311--321. DOI:https://doi.org/10.1145/2736277.2741122Google ScholarGoogle ScholarDigital LibraryDigital Library
  52. Jianqing Zhang, Nikita Borisov, and William Yurcik. 2006. Outsourcing security analysis with anonymized logs. In Proceedings of the Securecomm and Workshops. IEEE, 2006, 1--9.Google ScholarGoogle ScholarCross RefCross Ref
  53. Stefan Saroiu, P. Krishna Gummadi, and Steven D. Gribble. 2001. Measurement study of peer-to-peer file sharing systems. In Proceedings of the Conference on Electronic Imaging. International Society for Optics and Photonics, 156--170.Google ScholarGoogle Scholar
  54. Benny Chor et al. 1995. Private information retrieval. In Proceedings of the 36th Annual Symposium on Foundations of Computer Science. IEEE, 1995.Google ScholarGoogle Scholar
  55. Piotr Biler and Alfred Witkowski. 1990. Problems in mathematical analysis. https://search.ebscohost.com/login.aspx?direct=truescope=sitedb=nlebkdb=nlabkAN=1619203.Google ScholarGoogle Scholar
  56. Qianli Zhang and Xing Li. 2006. An IP address anonymization scheme with multiple access levels. In Proceedings of the International Conference on Information Networking. Springer, Berlin, 793--802.Google ScholarGoogle ScholarDigital LibraryDigital Library
  57. Bruno F. Ribeiro, Weifeng Chen, Gerome Miklau, and Donald F. Towsley. 2008. Analyzing privacy in enterprise packet trace anonymization. In Proceedings of the Network and Distributed System Security Symposium (NDSS’08).Google ScholarGoogle Scholar
  58. Georgios Kellaris, George Kollios, Kobbi Nissim, and Adam O’Neill. 2016. Generic attacks on secure outsourced databases. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS’16). ACM, New York, NY, 1329--1340. DOI:https://doi.org/10.1145/2976749.2978386Google ScholarGoogle ScholarDigital LibraryDigital Library
  59. F. Betül Durak, Thomas M. DuBuisson, and David Cash. 2016. What else is revealed by order-revealing encryption? In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS’16). ACM, New York, NY, 1155--1166. DOI:https://doi.org/10.1145/2976749.2978379Google ScholarGoogle ScholarDigital LibraryDigital Library
  60. Vincent Bindschaedler, Paul Grubbs, David Cash, Thomas Ristenpart, and Vitaly Shmatikov. 2018. The tao of inference in privacy-protected databases. Proc. VLDB Endow. 11, 11 (July 2018), 1715--1728. DOI:https://doi.org/10.14778/3236187.3236217.Google ScholarGoogle ScholarDigital LibraryDigital Library
  61. Paul Grubbs, Marie-Sarah Lacharite, Brice Minaud, Kenneth G. Paterson. 2019. Learning to reconstruct: Statistical learning theory and encrypted database attacks. In Proceedings of the IEEE Symposium on Security and Privacy (S8P’19).Google ScholarGoogle ScholarCross RefCross Ref
  62. Scott E. Coull, Charles V. Wright, Fabian Monrose, Michael P. Collins, and Michael K. Reiter. 2007. Playing Devil’s advocate: Inferring sensitive information from anonymized network traces. In Proceedings of the Network and Distributed System Security Symposium (NDSS’07). 35--47.Google ScholarGoogle Scholar
  63. William Yurcik, and Yifan Li. 2005. Internet security visualization case study: Instrumenting a network for NetFlow security visualization tools. In Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC’05).Google ScholarGoogle Scholar
  64. S. E. Coull, Monrose, F., Reiter, M. K., and Bailey, M. 2009. The challenges of effectively anonymizing network data. In Proceedings of the Conference For Homeland Security (CATCH’09). IEEE, 230--236.Google ScholarGoogle Scholar
  65. Valentin Del Piccolo et al. 2016. A survey of network isolation solutions for multi-tenant data centers. IEEE Commun. Surveys Tutor. 18, 4 (2016), 2787--2821.Google ScholarGoogle ScholarDigital LibraryDigital Library
  66. Cynthia Dwork. 2011. Differential privacy. Encyclopedia of Cryptography and Security (2011), 338--340.Google ScholarGoogle Scholar
  67. Cynthia Dwork. 2008. Differential privacy: A survey of results. In Proceedings of the International Conference on Theory and Applications of Models of Computation. Springer, Berlin, 1--19.Google ScholarGoogle ScholarCross RefCross Ref
  68. Eyal Kushilevitz and Rafail Ostrovsky. 1997. Replication is not needed: Single database, computationally-private information retrieval. In Proceedings of the 38th Annual Symposium on Foundations of Computer Science. IEEE, 364--373.Google ScholarGoogle ScholarCross RefCross Ref
  69. Oded Goldreich and Rafail Ostrovsky. 1996. Software protection and simulation on oblivious RAMs. J. ACM 43, 3 (May 1996), 431--473. DOI:http://dx.doi.org/10.1145/233551.233553Google ScholarGoogle ScholarDigital LibraryDigital Library
  70. Cynthia Dwork, Frank McSherry, Kobbi Nissim, and Adam Smith. 2006. Calibrating noise to sensitivity in private data analysis. In Proceedings of the Theory of Cryptography Conference. Springer, Berlin, 265--284.Google ScholarGoogle ScholarDigital LibraryDigital Library
  71. Andrew Chi-Chih Yao. 1986. How to generate and exchange secrets. In Proceedings of the 27th Annual Symposium on Foundations of Computer Science. IEEE, 162--167.Google ScholarGoogle Scholar
  72. Oded Goldreich. 1999. Secure multi-party computation. In Available at Theory of Cryptography Library. http://philby.ucsb.edu/cryptolib/BOOKS.Google ScholarGoogle Scholar
  73. Thomas H. Cormen et al. 2001. Data structures for disjoint sets. Introduction to Algorithms (2nd Edition). The MIT Press.Google ScholarGoogle Scholar
  74. Robert Sedgewick. 1978. Implementing quicksort programs. Commun. ACM 21, 10 (1978), 847--857.Google ScholarGoogle ScholarDigital LibraryDigital Library
  75. Adam Slagell, Jun Wang, and William Yurcik. 2004. Network log anonymization: Application of Crypto-PAn to Cisco netflows. In Proceedings of the Workshop on Secure Knowledge Management.Google ScholarGoogle Scholar
  76. Minshall G. TCPdpriv command manual. 1996. Retrieved from http://ita.ee.lbl.gov/html/contrib/tcpdpriv.0.txt.Google ScholarGoogle Scholar
  77. Ruma R. Paul, Victor C. Valgenti, and Min Sik Kim. 2011. Real-time Netshuffle: Graph distortion for on-line anonymization. In Proceedings of the 19th IEEE International Conference on Network Protocols (ICNP’11). IEEE, 133--134.Google ScholarGoogle ScholarDigital LibraryDigital Library
  78. Gagan Aggarwal, Tomás Feder, Krishnaram Kenthapadi, Samir Khuller, Rina Panigrahy, Dilys Thomas, and An Zhu. 2006. Achieving anonymity via clustering. In Proceedings of the 25th ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems. ACM, 153--162.Google ScholarGoogle ScholarDigital LibraryDigital Library
  79. Martin Burkhart, Mario Strasser, Dilip Many, and Xenofontas Dimitropoulos. 2010. SEPIA: Privacy-preserving aggregation of multi-domain network events and statistics. In Proceedings of USENIX Security Symposium.Google ScholarGoogle Scholar
  80. Alexandra Boldyreva, Nathan Chenette, Younho Lee, and Adam O’neill. 2009. Order-preserving symmetric encryption. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, Berlin, 224--241.Google ScholarGoogle ScholarCross RefCross Ref
  81. Reza Curtmola, Juan Garay, Seny Kamara, and Rafail Ostrovsky. 2011. Searchable symmetric encryption: Improved definitions and efficient constructions. J. Comput. Secur. 19 5 (2011), 895--934.Google ScholarGoogle Scholar
  82. Dawn Xiaoding Song, David Wagner, and Adrian Perrig. 2000. Practical techniques for searches on encrypted data. In Proceedings of the IEEE Symposium on Security and Privacy (S8P’00). IEEE, 44--55.Google ScholarGoogle ScholarDigital LibraryDigital Library
  83. Craig Gentry. 2009. Fully homomorphic encryption using ideal lattices. In Proceedings of the 41st Annual ACM Symposium on Theory of Computing (STOC’09). ACM, New York, NY, 169--178.Google ScholarGoogle ScholarDigital LibraryDigital Library
  84. Dan Boneh, Amit Sahai, and Brent Waters. 2011. Functional encryption: Definitions and challenges. In Proceedings of the Theory of Cryptography Conference. Springer, Berlin, 253--273.Google ScholarGoogle ScholarCross RefCross Ref
  85. Mihir Bellare, Alexandra Boldyreva, and Adam O’Neill. 2007. Deterministic and efficiently searchable encryption. In Proceedings of the Annual International Cryptology Conference. Springer, Berlin, 535--552.Google ScholarGoogle ScholarCross RefCross Ref
  86. Alexandra Boldyreva, Nathan Chenette, Younho Lee, and Adam O’neill. 2009. Order-preserving symmetric encryption. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, Berlin, 224--241.Google ScholarGoogle ScholarCross RefCross Ref
  87. Mohammad Saiful Islam, Mehmet Kuzu, and Murat Kantarcioglu. 2012. Access pattern disclosure on searchable encryption: Ramification, attack and mitigation. In Proceedings of the Network and Distributed System Security Symposium (NDSS’12), 20.Google ScholarGoogle Scholar
  88. Muhammad Naveed, Seny Kamara, and Charles V. Wright. 2015. Inference attacks on property-preserving encrypted databases. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, 644--655.Google ScholarGoogle Scholar
  89. Zhao Chang, Dong Xie, and Feifei Li. 2016. Oblivious ram: A dissection and experimental evaluation. Proc. VLDB Endow. 9 12 (2016), 1113--1124.Google ScholarGoogle ScholarDigital LibraryDigital Library
  90. Brian Caswell and Jay Beale. 2004. Snort 2.1 Intrusion Detection. Elsevier.Google ScholarGoogle Scholar
  91. E. Stefanov, M. Van Dijk, E. Shi, C. Fletcher, L. Ren, X. Yu, and S. Devadas. 2013. Path ORAM: an extremely simple oblivious RAM protocol. In Proceedings of the 20th ACM SIGSAC Conference on Computer and Communications Security (CCS’13). ACM, 299--310.Google ScholarGoogle Scholar
  92. Justin King, Kiran Lakkaraju, and Adam Slagell. 2009. A taxonomy and adversarial model for attacks against network log anonymization. In Proceedings of the ACM Symposium on Applied Computing (SAC’09). ACM, New York, NY, 1286--1293. DOI:https://doi.org/10.1145/1529282.1529572Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. A Multi-view Approach to Preserve Privacy and Utility in Network Trace Anonymization

    Recommendations

    Comments

    Login options

    Check if you have access through your login credentials or your institution to get full access on this article.

    Sign in

    Full Access

    • Published in

      cover image ACM Transactions on Privacy and Security
      ACM Transactions on Privacy and Security  Volume 24, Issue 3
      August 2021
      286 pages
      ISSN:2471-2566
      EISSN:2471-2574
      DOI:10.1145/3450360
      Issue’s Table of Contents

      Copyright © 2021 ACM

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      • Published: 9 February 2021
      • Accepted: 1 November 2020
      • Revised: 1 August 2020
      • Received: 1 December 2019
      Published in tops Volume 24, Issue 3

      Permissions

      Request permissions about this article.

      Request Permissions

      Check for updates

      Qualifiers

      • research-article
      • Research
      • Refereed

    PDF Format

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    HTML Format

    View this article in HTML Format .

    View HTML Format
    About Cookies On This Site

    We use cookies to ensure that we give you the best experience on our website.

    Learn more

    Got it!