Abstract

<p>Raw network traces can be used to compromise the privacy of Internet users. For this reason, many ISPs are reluctant to collect network traces – they often regard possession of such traces as a liability. To mitigate this concern, anonymization techniques have been developed to protect user-identifying information. While most projects anonymize their traces as a post-processing step (i.e., offline), offline anonymization is insecure because raw data may still be exposed during the trace collection and anonymization steps. As an alternative, anonymization can be performed online, drastically reducing the privacy risks associated with storing raw data. Unfortunately, online anonymization is challenging in practice – data must be captured, reconstructed, analyzed, and anonymized at line speed.</p> <p>This paper presents a network tracing architecture that combines the performance benefits of offline anonymization with the privacy benefits of online anonymization. Our approach uses a virtual machine and an encrypted file system to protect the raw data allowing it to be securely anonymized offline. In this paper, we present our system’s design, and the implementation and evaluation of a simple prototype.</p>

 

Manuscript

 

Bibtex