On the Utility of Anonymized Flow Traces for Anomaly Detection

Computer Science – Networking and Internet Architecture

Scientific paper

Rate now

[ 0.00 ] – not rated yet Voters 0 Comments 0

Details On the Utility of Anonymized Flow Traces for Anomaly Detection On the Utility of Anonymized Flow Traces for Anomaly Detection

: 2008-10-09
: arxiv.org/abs/0810.1655v1
: Proceedings of the 19th ITC Specialist Seminar on Network Usage and Traffic (ITC SS 19), October 2008, Berlin, Germany
: Computer Science
: Networking and Internet Architecture

: Scientific paper
: The sharing of network traces is an important prerequisite for the development and evaluation of efficient anomaly detection mechanisms. Unfortunately, privacy concerns and data protection laws prevent network operators from sharing these data. Anonymization is a promising solution in this context; however, it is unclear if the sanitization of data preserves the traffic characteristics or introduces artifacts that may falsify traffic analysis results. In this paper, we examine the utility of anonymized flow traces for anomaly detection. We quantitatively evaluate the impact of IP address anonymization, namely variations of permutation and truncation, on the detectability of large-scale anomalies. Specifically, we analyze three weeks of un-sampled and non-anonymized network traces from a medium-sized backbone network. We find that all anonymization techniques, except prefix-preserving permutation, degrade the utility of data for anomaly detection. We show that the degree of degradation depends to a large extent on the nature and mix of anomalies present in a trace. Moreover, we present a case study that illustrates how traffic characteristics of individual hosts are distorted by anonymization.

Affiliated with

Brauckhoff Daniela

Computer Science – Networking and Internet Architecture

Scientist

[ 0.00 ] – not rated yet Voters 0 Comments 0

Burkhart Martin

Computer Science – Networking and Internet Architecture

Scientist

[ 0.00 ] – not rated yet Voters 0 Comments 0

May Martin

Computer Science – Networking and Internet Architecture

Scientist

[ 0.00 ] – not rated yet Voters 0 Comments 0

Also associated with

No associations

LandOfFree

Say what you really think

Search LandOfFree.com for scientists and scientific papers. Rate them and share your experience with other people.

Rating

On the Utility of Anonymized Flow Traces for Anomaly Detection does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.
If you have personal experience with On the Utility of Anonymized Flow Traces for Anomaly Detection, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and On the Utility of Anonymized Flow Traces for Anomaly Detection will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFWR-SCP-O-460970

All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.

Canada

Charities
Companies
MP Candidates
Patents
Employee Salary Disclosure

World

Places of the World
Scientific Papers

United States

Banks
Companies
Counties
Patents
Employee Salary Disclosure