Ruoming Pang, Mark Allman, Vern Paxson, Jason Lee. The Devil and Packet Trace Anonymization. ACM Computer Communication Review, 36(1), January 2006.
PDF | Review | Project

Abstract:

Releasing network measurement data---including packet traces---to the research community is a virtuous activity that promotes solid research. However, in practice, releasing anonymized packet traces for public use entails many more vexing considerations than just the usual notion of how to scramble IP addresses to preserve privacy. Publishing traces requires carefully balancing the security needs of the organization providing the trace with the research usefulness of the anonymized trace. In this paper we recount our experiences in (i) securing permission from a large site to release packet header traces of the site's internal traffic, (ii) implementing the corresponding anonymization policy, and (iii) validating its correctness. We present a general tool, tcpmkpub, for anonymizing traces, discuss the process used to determine the particular anonymization policy, and describe the use of meta-data accompanying the traces to provide insight into features that have been obfuscated by anonymization.

BibTeX:

@article{PAPL06,
    author      =        "Ruoming Pang and Mark Allman and Vern Paxson and Jason Lee",
    title       =        "{The Devil and Packet Trace Anonymization}",
    journal     =        "ACM Computer Communication Review",
    year        =        2006,
    volume      =        36,
    number      =        1,
    month       =        jan,
}