In the last decade, the release of network flows has gained significant popularity among researchers and networking communities. Indeed, network flows are a fundamental tool for modeling the network behavior, identifying security attacks, and validating research results. Unfortunately, due to the sensitive nature of network flows, security and privacy concerns discourage the publication of such datasets. On the one hand, existing techniques proposed to sanitize network flows do not provide any formal guarantees. On the other hand, microdata anonymization techniques are not directly applicable to network flows. In this paper, we propose a novel obfuscation technique for network flows that provides formal guarantees under realistic assumptions about the adversary's knowledge. Our work is supported by extensive experiments with a large set of real network flows collected at an important Italian Tier II Autonomous System, hosting sensitive government and corporate sites. Experimental results show that our obfuscation technique preserves the utility of network flows for network traffic analysis. © 2012 IEEE.

Obfuscation of sensitive data in network flows / Daniele, Riboni; Antonio, Villani; Vitali, Domenico; Claudio, Bettini; Mancini, Luigi Vincenzo. - STAMPA. - (2012), pp. 2372-2380. (Intervento presentato al convegno IEEE Conference on Computer Communications, INFOCOM 2012 tenutosi a Orlando, FL nel 25 March 2012 through 30 March 2012) [10.1109/infcom.2012.6195626].

Obfuscation of sensitive data in network flows

VITALI, Domenico;MANCINI, Luigi Vincenzo
2012

Abstract

In the last decade, the release of network flows has gained significant popularity among researchers and networking communities. Indeed, network flows are a fundamental tool for modeling the network behavior, identifying security attacks, and validating research results. Unfortunately, due to the sensitive nature of network flows, security and privacy concerns discourage the publication of such datasets. On the one hand, existing techniques proposed to sanitize network flows do not provide any formal guarantees. On the other hand, microdata anonymization techniques are not directly applicable to network flows. In this paper, we propose a novel obfuscation technique for network flows that provides formal guarantees under realistic assumptions about the adversary's knowledge. Our work is supported by extensive experiments with a large set of real network flows collected at an important Italian Tier II Autonomous System, hosting sensitive government and corporate sites. Experimental results show that our obfuscation technique preserves the utility of network flows for network traffic analysis. © 2012 IEEE.
2012
IEEE Conference on Computer Communications, INFOCOM 2012
04 Pubblicazione in atti di convegno::04b Atto di convegno in volume
Obfuscation of sensitive data in network flows / Daniele, Riboni; Antonio, Villani; Vitali, Domenico; Claudio, Bettini; Mancini, Luigi Vincenzo. - STAMPA. - (2012), pp. 2372-2380. (Intervento presentato al convegno IEEE Conference on Computer Communications, INFOCOM 2012 tenutosi a Orlando, FL nel 25 March 2012 through 30 March 2012) [10.1109/infcom.2012.6195626].
File allegati a questo prodotto
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11573/474143
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 22
  • ???jsp.display-item.citation.isi??? 17
social impact