Abstract
Traffic traces are generally anonymized before used in analysis. Prefix-preserving anonymization is often used to avoid privacy issues as well as preserve prefix relationship after anonymization. To facilitate research on real time high speed network traffic, address anonymization algorithm should be fast and consistent. In this paper, the bit string based algorithm and the embedded bit string algorithm will be introduced. Bit string based algorithm uses precomputed bit string to improve the anonymization performance. Instead of only using the LSB of each Rijndael output, the embedded bit string algorithm will take advantage of the full size Rijndael output to anonymize several bits at the same time. The implementation can be downloaded from https://sourceforge.net/projects/ipanon.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
DragonLab, http://www.dragonlab.org/
McGregor, T., Braun, H., Brown, J.: The NLANR network analysis infrastructure. IEEE Communications Magazine 38(5), 122–128 (2000)
The Internet traffic archive (April 2000), http://ita.ee.lbl.gov/
Patarin, S., Makpangou, M., Pandora, M.: A flexible network monitoring platform. In: Proceedings of the 2000 USENIX Annual Technical Conference (June 2000)
Peuhkuri, M.: A Method to Compress and Anonymize Packet Traces. SIGCOMM IMW (2001)
Pang, R., Paxson, V.: A high-level programming environment for packet trace anonymization and transformation. SIGCOMM (2003)
Krishnamurthy, B., Wang, J.: On network-ware clustering of web clients. In: SIGCOMM (2000)
Minshall, G.: TCPdpriv Command Manual (1996)
Cho, K., Mitsuya, K., Kato, A.: Traffic data repository at the wide project. In: Proceedings of USENIX 2000 Annual Technical Conference: FREENIX Track, San Diego, CA (June 2000)
Xu, J., Fan, J., Ammar, M.H., Moon, S.B.: On the design and performance of prefix-preserving IP traffic trace anonymization. In: SIGCOMM IMW (2001)
Xu, J., Fan, J., Ammar, M.H., Moon, S.B.: Prefix-preserving IP address anonymization: measurement based security evaluation and a new cryptography-based scheme. In: ICNP (2002)
Daemen, J., Rijmen, V.: AES proposal: Rijndael, Tech. Rep., Computer Security Resource Center, National Institute of Standards and Technology (February 2001), http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf
Beyls, K., D’Hollander, E.: Reuse distance-based cache hint selection. In: Proccedings of the 8th International Euro-Par Conference (August 2002)
Jenkins, B.: ISAAC: a fast cryptographic random number generator, http://burtleburtle.net/bob/rand/isaac.html
Pudovkina, M.: A known plaintext attack on the ISAAC keystream generator, http://eprint.iacr.org/2001/049.pdf
Krawczyk, H., Bellare, M., Canetti, R.: RFC 2104: HMAC: Keyed-Hashing for Message Authentication (February 1997)
Ylonen, T.: Thoughts on how to mount an attack on tpcpdriv’s ”-50” option, in TCPpdpriv source distribution (1996)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhang, Q., Wang, J., Li, X. (2007). On the Design of Fast Prefix-Preserving IP Address Anonymization Scheme. In: Qing, S., Imai, H., Wang, G. (eds) Information and Communications Security. ICICS 2007. Lecture Notes in Computer Science, vol 4861. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77048-0_14
Download citation
DOI: https://doi.org/10.1007/978-3-540-77048-0_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77047-3
Online ISBN: 978-3-540-77048-0
eBook Packages: Computer ScienceComputer Science (R0)