Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
EUROSEC
2009
ACM
2009
ACM
Deep packet anonymization
Network traces of Internet attacks are among the most valuable resources for network analysts and security researchers. However, organizations and researchers are usually reluctant to share their network data, as network packets may contain private or sensitive information. To alleviate the problem of information leakage, network traces are often anonymized before being shared. Typical anonymization approaches sanitize, or in some cases completely remove, certain packet header fields, higher-level protocol fields, or even payload information that could reveal the source and destination of an attack incident. Although there exists a variety of network trace anonymization techniques, in this paper we show that in certain cases they are proven inadequate, because attack traces may contain sensitive information not only in the packet headers and the packet payload, which are both exposed “on the wire,” but also in the encrypted payload of the self-decrypting shellcode carried in the...
Real-time TrafficEUROSEC 2009 | Network Trace | Network Trace Anonymization | Security Privacy | Sensitive Information |
Related Content
| Added | 19 May 2010 |
| Updated | 19 May 2010 |
| Type | Conference |
| Year | 2009 |
| Where | EUROSEC |
| Authors | Michalis Foukarakis, Demetres Antoniades, Michalis Polychronakis |
Comments (0)
Researcher Info
|
