Sciweavers

Share
CCS
2008
ACM

The risk-utility tradeoff for IP address truncation

9 years 4 months ago
The risk-utility tradeoff for IP address truncation
Network operators are reluctant to share traffic data due to security and privacy concerns. Consequently, there is a lack of publicly available traces for validating and generalizing the latest results in network and security research. Anonymization is a possible solution in this context; however, it is unclear how the sanitization of data preserves characteristics important for traffic analysis. In addition, the privacypreserving property of state-of-the-art IP address anonymization techniques has come into question by recent attacks that successfully identified a large number of hosts in anonymized traces. In this paper, we examine the tradeoff between data utility for anomaly detection and the risk of host identification for IP address truncation. Specifically, we analyze three weeks of unsampled and non-anonymized network traces from a medium-sized backbone network to assess data utility. The risk of de-anonymizing individual IP addresses is formally evaluated, using a metric base...
Martin Burkhart, Daniela Brauckhoff, Martin May, E
Added 12 Oct 2010
Updated 12 Oct 2010
Type Conference
Year 2008
Where CCS
Authors Martin Burkhart, Daniela Brauckhoff, Martin May, Elisa Boschi
Comments (0)
books