AnonV: uma arquitetura para verificação do grau de anonimização em coletas de tráfego de rede
Abstract
Researchers and network administrators face a difficult dilemma when they work with traffic data files collected from the network: how to extract useful information for their work and yet to guarantee the privacy of users, whose information travel through the network, and prevent the leakage of sensitive information that may compromize network security? This work presents a study of aspects of privacy and safety in the use and sharing of network traffic log files, and proposes a methodology for the analysis of the file anonimization process.
References
Allman, M. e Paxson, V. (2007). Issues and etiquette concerning use of share measurement data. In Proceedings of the 7th ACM SIGCOMM Conference on Internet Measurement, págs. 135–140.
Burkhart, M., Brauckhoff, D., May, M. e Boschi, E. (2008). The risk-utility tradeoff for IP address truncation. In Proceedings of the 1st ACM Workshop on Network Data Anonymization, págs. 23–30.
Coull, S., Wright, C., Monrose, F., Collins, M. e Reiter, M. (2007). Inferring sensitive information from anonymized network traces. In Proceedings of the 15th Annual Network & Distributed System Security Symposium (NDSS 07), págs. 35–47.
King, J., Lakkaraju, K. e Slagell, A. (2009). A taxonomy and adversarial model for attacks against network log anonymization. In Proceedings of the Symposium on Applied Computing (SAC’09), págs. 1286–1293.
Kohno, T., Broido, A. e Claffy, K. C. (2005). Remote physical device fingerprinting. In Proceedings of the IEEE Symposium on Security and Privacy, págs. 211–225.
Koukis, D., Antonatos, S., Antoniades, D., Markatos, E. P. e Trimintzios, P. (2006). A generic anonymization framework for network traffic. In Proceedings of the IEEE International Conference on Communication (ICC 06), Vol. 5, págs. 2302–2309.
Luo, K., Li, Y., Ermopoulos, C., Yurcik, W. e Slagell, A. (2006). SCRUB-PA: A multilevel multi-dimensional anonymization tool for process accounting. Technical Report cs.CR/0601079, ACM Computing Research Repository (CoRR).
Minshall, G. (2005). Tcpdpriv. http://ita.ee.lbl.gov/html/contrib/tcpdpriv.html, acessado em 2010.
Ohm, P., Sicker, D. e Grunwald, D. (2007). Legal issues surrounding monitoring during network research. In ACM, editor, Proceedings of the 7th ACM SIGCOMM Conference on Internet Measurement, págs. 141–148.
Pang, R., Allman, M., Paxson, V. e Lee, J. (2006). The devil and packet trace anonymization. ACM SIGCOMM Computer Communication Review, 36(1):29–38.
Ribeiro, B., Chen, W., Miklau, G. e Towsley, D. (2008). Analyzing privacy in enterprise packet trace anonymization. In Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS 08).
Slagell, A., Lakkaraju, K. e Luo, K. (2006). FLAIM: a multi-level anonymization framework for computer and network logs. In Proceedings of the 20th Large Installation System Administration Conference (LISA’06), págs. 68–77.
Slagell, A. e Yurcik, W. (2004). Sharing computer network logs for security and privacy: a motivation for new methodologies of anonymization. In Proceedings of the Workshop on the Value of Security Through Collaboration (SECOVAL).
Spangler, R. (2003). Analysis of remote active operating system fingerprinting tools. Disponível em [link], acessado em dez 2009.
Xu, J., Fan, J., Ammar, M. e Moon, S. B. (2002). Prefix-preserving ip address anonymization: Measurement-based security evaluation and a new cryptography-based scheme. In Proceedings of the 10th IEEE International Conference on In Network Protocols, págs. 280–289.
Burkhart, M., Brauckhoff, D., May, M. e Boschi, E. (2008). The risk-utility tradeoff for IP address truncation. In Proceedings of the 1st ACM Workshop on Network Data Anonymization, págs. 23–30.
Coull, S., Wright, C., Monrose, F., Collins, M. e Reiter, M. (2007). Inferring sensitive information from anonymized network traces. In Proceedings of the 15th Annual Network & Distributed System Security Symposium (NDSS 07), págs. 35–47.
King, J., Lakkaraju, K. e Slagell, A. (2009). A taxonomy and adversarial model for attacks against network log anonymization. In Proceedings of the Symposium on Applied Computing (SAC’09), págs. 1286–1293.
Kohno, T., Broido, A. e Claffy, K. C. (2005). Remote physical device fingerprinting. In Proceedings of the IEEE Symposium on Security and Privacy, págs. 211–225.
Koukis, D., Antonatos, S., Antoniades, D., Markatos, E. P. e Trimintzios, P. (2006). A generic anonymization framework for network traffic. In Proceedings of the IEEE International Conference on Communication (ICC 06), Vol. 5, págs. 2302–2309.
Luo, K., Li, Y., Ermopoulos, C., Yurcik, W. e Slagell, A. (2006). SCRUB-PA: A multilevel multi-dimensional anonymization tool for process accounting. Technical Report cs.CR/0601079, ACM Computing Research Repository (CoRR).
Minshall, G. (2005). Tcpdpriv. http://ita.ee.lbl.gov/html/contrib/tcpdpriv.html, acessado em 2010.
Ohm, P., Sicker, D. e Grunwald, D. (2007). Legal issues surrounding monitoring during network research. In ACM, editor, Proceedings of the 7th ACM SIGCOMM Conference on Internet Measurement, págs. 141–148.
Pang, R., Allman, M., Paxson, V. e Lee, J. (2006). The devil and packet trace anonymization. ACM SIGCOMM Computer Communication Review, 36(1):29–38.
Ribeiro, B., Chen, W., Miklau, G. e Towsley, D. (2008). Analyzing privacy in enterprise packet trace anonymization. In Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS 08).
Slagell, A., Lakkaraju, K. e Luo, K. (2006). FLAIM: a multi-level anonymization framework for computer and network logs. In Proceedings of the 20th Large Installation System Administration Conference (LISA’06), págs. 68–77.
Slagell, A. e Yurcik, W. (2004). Sharing computer network logs for security and privacy: a motivation for new methodologies of anonymization. In Proceedings of the Workshop on the Value of Security Through Collaboration (SECOVAL).
Spangler, R. (2003). Analysis of remote active operating system fingerprinting tools. Disponível em [link], acessado em dez 2009.
Xu, J., Fan, J., Ammar, M. e Moon, S. B. (2002). Prefix-preserving ip address anonymization: Measurement-based security evaluation and a new cryptography-based scheme. In Proceedings of the 10th IEEE International Conference on In Network Protocols, págs. 280–289.
Published
2010-10-11
How to Cite
MELO, Marco Aurélio Vilaça de; GUEDES, Dorgival.
AnonV: uma arquitetura para verificação do grau de anonimização em coletas de tráfego de rede. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 10. , 2010, Fortaleza.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2010
.
p. 367-380.
DOI: https://doi.org/10.5753/sbseg.2010.20600.
