analyzing privacy in enterprise packet trace
play

Analyzing Privacy in Enterprise Packet Trace Anonymization - PowerPoint PPT Presentation

Jan 07, 2024 •122 likes •339 views

Bruno Ribeiro, Gerome Miklau, Don Towsley UMass Amherst Weifeng Chen California University of Pennsylvania Analyzing Privacy in Enterprise Packet Trace Anonymization Motivation Internet Enterprise (university) Packets Monitor Packet

  1. Bruno Ribeiro, Gerome Miklau, Don Towsley UMass Amherst Weifeng Chen California University of Pennsylvania Analyzing Privacy in Enterprise Packet Trace Anonymization

  2. Motivation Internet Enterprise (university) Packets Monitor Packet header traces Used for networking research Many public repositories (UMass, CAIDA, LBNL, …) Raw trace may violate user privacy If enterprise IP addresses can be tied to individuals src address dest address src port dest port … 14.1.1.1 11.0.0.3 6738 80 … 18.0.0.1 11.0.0.1 2434 22 … 11.0.0.1 20.0.0.3 6913 80 … 2 Bruno Ribeiro, Weifeng Chen, Gerome Miklau, and Don Towsley, Analyzing Privacy in Enterprise Packet Trace Anonymization

  3. Motivation Trace repositories Anonymize IP addresses Two most widely used schemes Full prefix preservation (Xu et al. , 2001) Partial prefix preservation (Pang et al. 2006) src addr. dest addr. src port dest port … Original trace 14.1.1.1 11.0.0.3 6738 80 … 11.0.0.1 20.0.0.3 7913 22 … anonymization mapping src addr. dest addr. src port dest port … Anonymized 200.0.1.2 128.0.64.2 6738 80 … trace 128.0.64.0 5.0.4.5 7913 22 … 3 Bruno Ribeiro, Weifeng Chen, Gerome Miklau, and Don Towsley, Analyzing Privacy in Enterprise Packet Trace Anonymization

  4. Adversary Adversarial model: De-anonymize enterprise IP addresses in the trace 1. Probes (scan) enterprise network 2. Collects similar information from the trace De-anonymizes trace IPs matching (1) with (2) 4 Bruno Ribeiro, Weifeng Chen, Gerome Miklau, and Don Towsley, Analyzing Privacy in Enterprise Packet Trace Anonymization

  5. Outline Our contributions New attack on IP anonymization: Attack overview Defined as a tree editing distance problem Worst-case analysis: From a set of trace labels (information) Assesses worst-case attack Related work Conclusions 5 Bruno Ribeiro, Weifeng Chen, Gerome Miklau, and Don Towsley, Analyzing Privacy in Enterprise Packet Trace Anonymization

  6. Proposed attack overview Adversary provides: Labeled tree constructed using anonymized trace Labeled tree constructed from probing enterprise A cost (or distance) function (to deal with “mismatched” labels) Our algorithm finds: All de-anonymizations that comply with prefix preservation restrictions and have minimum total cost An instance of the tree edit distance problem 6 Bruno Ribeiro, Weifeng Chen, Gerome Miklau, and Don Towsley, Analyzing Privacy in Enterprise Packet Trace Anonymization

  7. Full prefix preserving anonymization Full prefix preservation If two real addresses share first X bits, then the same two anonymized addresses share first X bits It imposes restrictions on the real IP → Anonymized IP mapping 7 Bruno Ribeiro, Weifeng Chen, Gerome Miklau, and Don Towsley, Analyzing Privacy in Enterprise Packet Trace Anonymization

  8. Labeled trees Trace tree Probed tree Probed IP leaf labels Trace IP leaf labels Web server Traffic on port 80 Not a Web server No traffic on port 80 0 1 0 1 1 0 00 01 10 11 00 01 10 11 � Match sets: � Match set: � 00 maps to { 01 } � 00 maps to { 00, 01, 10 , 11 } � 10 maps to { 10 , 11 } � 10 maps to { 00, 01, 10 , 11 } 8 Bruno Ribeiro, Weifeng Chen, Gerome Miklau, and Don Towsley, Analyzing Privacy in Enterprise Packet Trace Anonymization

  9. Imperfect information Trace tree Probed tree Probed IP leaf labels Trace IP leaf labels Web server Traffic on port 80 Not a Web server No traffic on port 80 00 01 10 11 00 01 10 11 Backup Web server Correct mapping � Other sources of imperfect labels: Dynamic IP addresses, host shutdown, etc. 9 Bruno Ribeiro, Weifeng Chen, Gerome Miklau, and Don Towsley, Analyzing Privacy in Enterprise Packet Trace Anonymization

  10. Mapping costs Assign a cost to map two IPs with different labels Is zero if labels are equal Mapping cost Sum of all individual costs Example: Trace tree Probed tree Total cost = 1 Cost = 1 0 0 0 Cost = 0 Cost = 1 1 10 Bruno Ribeiro, Weifeng Chen, Gerome Miklau, and Don Towsley, Analyzing Privacy in Enterprise Packet Trace Anonymization

  11. Proposed attack All minimum cost mappings (over the whole network) Because it is prefix-preserving Every de-anonymization limits future de-anonymizations Probed tree Trace tree 00 01 10 11 00 01 10 11 ? And our algorithm is fast 10 seconds (on this laptop) for all mappings of a network with 2 16 addresses 11 Bruno Ribeiro, Weifeng Chen, Gerome Miklau, and Don Towsley, Analyzing Privacy in Enterprise Packet Trace Anonymization

  12. Experiment Network: class B (64K addresses) Labels “Active host” Active ports: FTP, SSH, Telnet, E-mail, Time, DNS, Web, POP3, SOCKS Trace IP labels “Active host” label – recorded any outgoing traffic “Active ports” – Recorded traffic from ports 80, 22, …. Probed IP labels Probed over all network “Active host” label – PING “Active ports” – TCP SYN ACK reply from ports 80, 22, … Naïve cost function: Zero is labels are equal, one otherwise 12 Bruno Ribeiro, Weifeng Chen, Gerome Miklau, and Don Towsley, Analyzing Privacy in Enterprise Packet Trace Anonymization

  13. Experiment results Trace collected: 2007, June 18 th (9097 active IPs) Network probed: 2007, June 18 th 60% Incorrect 50% cumulative fraction of matches Data publisher’s view hosts in the trace 40% 30% Correct BAD 20% matches 10% 0% 1 2 3 4 5 6 7 8 size of matching set Uniquely re-identified 13 Bruno Ribeiro, Weifeng Chen, Gerome Miklau, and Don Towsley, Analyzing Privacy in Enterprise Packet Trace Anonymization

  14. Worst-case analysis Given a labeled trace tree Find best de-anonymization We provide an algorithm that Obtains worst attack matching set size For each IP address in the trace For any label mismatch cost function For any labeled probed tree 14 Bruno Ribeiro, Weifeng Chen, Gerome Miklau, and Don Towsley, Analyzing Privacy in Enterprise Packet Trace Anonymization

  15. Worst-case experiment Full prefix preservation June 18 th experiment Naïve attack Worst-case cumulative fraction of 100% attack hosts in the trace 80% Data publisher’s view 60% 40% BAD 20% 0% 1 2 3 4 5 6 7 8 size of matching set Uniquely re-identified 15 Bruno Ribeiro, Weifeng Chen, Gerome Miklau, and Don Towsley, Analyzing Privacy in Enterprise Packet Trace Anonymization

  16. Partial prefix preservation Does not retain part of the address structure Used in Pang et al., 2006 Solution also formulated as an instance of the tree edit distance problem Anonymization Probed tree root mapping Anonymized tree root Probed tree root Anonymized tree root … … 8 bits 8 bits 8 bits 8 bits 8 bits 8 bits 8 bits 8 bits Up to 256 addresses 16 Bruno Ribeiro, Weifeng Chen, Gerome Miklau, and Don Towsley, Analyzing Privacy in Enterprise Packet Trace Anonymization

  17. Partial vs. Full prefix preservation Intuition: Partial is much safer than full prefix preservation Worst case: Partial prefix preservation 100% cumulative fraction of Worst case: Full prefix hosts in the trace 80% preservation Data publisher’s view 60% BAD 40% 20% 0% 1 2 3 4 5 6 7 8 size of matching set 17 Bruno Ribeiro, Weifeng Chen, Gerome Miklau, and Don Towsley, Analyzing Privacy in Enterprise Packet Trace Anonymization

  18. Worst-case analysis (II) Uniquely re-identified Full prefix preservation: 2713 active IP addresses in the trace Partial prefix preservation: 113 active IP addresses in the trace Partial prefix preservation is safer but not completely safe 18 Bruno Ribeiro, Weifeng Chen, Gerome Miklau, and Don Towsley, Analyzing Privacy in Enterprise Packet Trace Anonymization

  19. Related work “Playing Devil's Advocate: Inferring Sensitive Information from Anonymized Traces”, Scott Coull, Charles Wright, Fabian Monrose, Michael Collins and Michael Reiter, NDSS 2007 An attack on partial prefix preservation “Taming the Devil: Techniques for Evaluating Anonymized Network Data”, Scott Coull, Charles Wright, Fabian Monrose, Angelos Keromytis and Michael Reiter, NDSS 2008 Comes right after this talk ☺ 19 Bruno Ribeiro, Weifeng Chen, Gerome Miklau, and Don Towsley, Analyzing Privacy in Enterprise Packet Trace Anonymization

  20. Conclusions Attack Include global mapping restrictions An instance of the tree edit distance problem Indicates that full prefix preservation has flaws Impact of late probing on the de-anonymization Worst-case analysis Can help future anonymization schemes A tool for data publishers Experiments indicate that: Partial is much safer than full prefix preservation But still not completely safe 20 Bruno Ribeiro, Weifeng Chen, Gerome Miklau, and Don Towsley, Analyzing Privacy in Enterprise Packet Trace Anonymization

  21. Thanks Jim Kurose , UMass Amherst Edmundo de Souza e Silva , Federal University of Rio de Janeiro Kyoungwon Suh , Illinois State University Anonymous NDSS’08 reviewers Neils Provos , Google Inc. 21 Bruno Ribeiro, Weifeng Chen, Gerome Miklau, and Don Towsley, Analyzing Privacy in Enterprise Packet Trace Anonymization

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

How to (passively) measure? Packet Monitoring 1 What to expect? Overview / What is packet

How to (passively) measure? Packet Monitoring 1 What to expect? Overview / What is packet

How to (passively) measure? Packet Monitoring 1 What to expect? Overview / What is packet monitor? How to acquire the data Handling performance bottlenecks Case Study: Packet Capture Performance Analyzing the transport and

487 views • 37 slides
ANALYZING THE EVOLUTION OF DATA STRUCTURES IN TRACE-BASED MEMORY MONITORING Markus Weninger

ANALYZING THE EVOLUTION OF DATA STRUCTURES IN TRACE-BASED MEMORY MONITORING Markus Weninger

ANALYZING THE EVOLUTION OF DATA STRUCTURES IN TRACE-BASED MEMORY MONITORING Markus Weninger Elias Gander Hanspeter Mssenbck SSP 2018 Hildesheim, Germany MOTIVATION Memory Time millions of objects 11/8/2018 9th Symposium on

252 views • 13 slides
Wireshark network analyzing tool 19/03/2018 1 Wireshark network analyzing tool What?

Wireshark network analyzing tool 19/03/2018 1 Wireshark network analyzing tool What?

Wireshark network analyzing tool 19/03/2018 1 Wireshark network analyzing tool What? One of the best open source packet analyzers available today Captures network packets and tries to display content as detailed as possible

338 views • 5 slides
Analyzing End-Users Knowledge and Feelings Surrounding Smartphone Security and Privacy May

Analyzing End-Users Knowledge and Feelings Surrounding Smartphone Security and Privacy May

Analyzing End-Users Knowledge and Feelings Surrounding Smartphone Security and Privacy May 21st 2015 Lydia Kraus*, Tobias Fiebig*, Viktor Miruchna*, Sebastian Mller*, Asaf Shabtai+ * Technische Universitt Berlin + Ben-Gurion University

397 views • 18 slides
Analyzing & Mitigating Malicious Web Activity using Splunk Enterprise #splunkconf StubHub

Analyzing & Mitigating Malicious Web Activity using Splunk Enterprise #splunkconf StubHub

Analyzing & Mitigating Malicious Web Activity using Splunk Enterprise #splunkconf StubHub The Worlds Largest Fan-to-Fan Marketplace At StubHub, our mission is simple: provide fans a safe, convenient place to get tickets to the

761 views • 38 slides
Analyzing Facebook Privacy Settings: User Expectations vs. Reality Yabing Liu Krishna Gummadi

Analyzing Facebook Privacy Settings: User Expectations vs. Reality Yabing Liu Krishna Gummadi

Analyzing Facebook Privacy Settings: User Expectations vs. Reality Yabing Liu Krishna Gummadi Balachander Krishnamurthy Alan Mislove Northeastern University MPI-SWS AT&T LabsResearch November 2, 2011, IMC11

501 views • 24 slides
Anonymization of Network Trace Using Differential Privacy By Ahmed AlEroud Assistant Professor

Anonymization of Network Trace Using Differential Privacy By Ahmed AlEroud Assistant Professor

Anonymization of Network Trace Using Differential Privacy By Ahmed AlEroud Assistant Professor of Computer Information Systems Yarmouk University, Jordan Post-doctoral Fellow, Department of Information Systems, University of Maryland 1

426 views • 30 slides
Optimum MDS convolutional codes over GF(2 m ) and their relation to the trace functi n ngela

Optimum MDS convolutional codes over GF(2 m ) and their relation to the trace functi n ngela

Optimum MDS convolutional codes over GF(2 m ) and their relation to the trace functi n ngela Barbero and yvind Ytrehus UVa, Simula@UiB, UiB 1 Problem setting Unicast transmission over the Internet (Memoryless) packet erasure

607 views • 50 slides
Adit Enterprise. Adit Enterprise. Adit Enterprise. Adit Enterprise. ADIT Enterprise is a

Adit Enterprise. Adit Enterprise. Adit Enterprise. Adit Enterprise. ADIT Enterprise is a

Adit Enterprise. Adit Enterprise. Adit Enterprise. Adit Enterprise. ADIT Enterprise is a wholesale distribution business providing complete range of Electronic Security Systems Kamlesh 093232 51184 Adit Enterprise Adit Enterprise Adit

619 views • 29 slides
Robust Probabilistic Fake Packet Injection for Receiver-Location Privacy Ruben Rios 1 , Jorge

Robust Probabilistic Fake Packet Injection for Receiver-Location Privacy Ruben Rios 1 , Jorge

Robust Probabilistic Fake Packet Injection for Receiver-Location Privacy Ruben Rios 1 , Jorge Cuellar 2 , Javier Lopez 1 1 NICS Lab University of Mlaga 2 Siemens AG, Munich E SORI CS 2012 10-14 Se pt. Pisa (I ta ly)

432 views • 25 slides
Design Implications for Enterprise Storage Systems via Multi-Dimensional Trace Analysis Piotr

Design Implications for Enterprise Storage Systems via Multi-Dimensional Trace Analysis Piotr

Introduction Methodology Analysis process Results Conclusions Design Implications for Enterprise Storage Systems via Multi-Dimensional Trace Analysis Piotr Dobrowolski MIMUW/Distributed Systems October 24, 2012 Piotr Dobrowolski

1.7k views • 146 slides
IADT 2 Creativity | Technology | Enterprise 3 Creativity | Technology | Enterprise Vulnerability

IADT 2 Creativity | Technology | Enterprise 3 Creativity | Technology | Enterprise Vulnerability

Creativity | Technology | Enterprise Creativity | Technology | Enterprise Cyber safety: Vulnerability, privacy and good online habits Dr Andrew Power Head of Faculty Institute of Art, Design and Technology With thanks to Dr Grainne Kirwan

1.43k views • 34 slides
Introduction to Packet Tracer What is Packet Tracer? Packet Tracer is a protocol simulator

Introduction to Packet Tracer What is Packet Tracer? Packet Tracer is a protocol simulator

Introduction to Packet Tracer What is Packet Tracer? Packet Tracer is a protocol simulator developed by Dennis Frezzo and his team at Cisco Systems. Packet Tracer (PT) is a powerful and dynamic tool that displays the various protocols used in

419 views • 17 slides
DATA PRIVACY PRINCIPLES Enterprise Committee February 6, 2020 Courtesy of Meet Minneapolis

DATA PRIVACY PRINCIPLES Enterprise Committee February 6, 2020 Courtesy of Meet Minneapolis

DATA PRIVACY PRINCIPLES Enterprise Committee February 6, 2020 Courtesy of Meet Minneapolis Overview Data privacy principles Data associated with individuals High-level Aspirational Guide decision-making Balance with other

137 views • 13 slides
Communication Privacy and Censorship Resistance Vitaly Shmatikov Privacy on Public Networks

Communication Privacy and Censorship Resistance Vitaly Shmatikov Privacy on Public Networks

Communication Privacy and Censorship Resistance Vitaly Shmatikov Privacy on Public Networks Internet is designed as a public network Routing information is public IP packet headers identify source and destination Even a passive

680 views • 65 slides
Analyzing GDPR Compliance Through the Lens of Privacy Policy Jayashree Mohan , Melissa Wasserman,

Analyzing GDPR Compliance Through the Lens of Privacy Policy Jayashree Mohan , Melissa Wasserman,

Analyzing GDPR Compliance Through the Lens of Privacy Policy Jayashree Mohan , Melissa Wasserman, Vijay Chidambaram General Data Protection Regulation (GDPR) Respect the rights of data owner Personal Gathered legally, Protect it from Data

500 views • 37 slides
Planning for the Worst: The Role of Incident Response, Before Youve Had an Incident Sponsored

Planning for the Worst: The Role of Incident Response, Before Youve Had an Incident Sponsored

Planning for the Worst: The Role of Incident Response, Before Youve Had an Incident Sponsored By: Planning for the Worst: The Role of Incident Response, Before Youve Had an Incident Visit www.advisenltd.com at the end of this webinar to

498 views • 18 slides
Exam 2 Next Week Exam 2 Overview Wednesday, November 6, in-class Will cover lecture 6-8

Exam 2 Next Week Exam 2 Overview Wednesday, November 6, in-class Will cover lecture 6-8

Exam 2 Next Week Exam 2 Overview Wednesday, November 6, in-class Will cover lecture 6-8 (todays class) Does NOT include lectures 1-4 Can bring: One page cheat-sheet, hand-written (not typed) Calculator Will test:

351 views • 8 slides
Can we solve it efficiently? We have seen that there is a distinction between problems that

Can we solve it efficiently? We have seen that there is a distinction between problems that

Can we solve it efficiently? We have seen that there is a distinction between problems that can be solved by a computer CS 3813: Introduction to Formal algorithm and those that cannot Languages and Automata Among the class of problems

245 views • 3 slides
Session 5 - Introductory Course in Parallel and Distributed Computing Yves Robert & Behrooz

Session 5 - Introductory Course in Parallel and Distributed Computing Yves Robert & Behrooz

Scope Sample Course Topics Session 5 - Introductory Course in Parallel and Distributed Computing Yves Robert & Behrooz Shirazi TCPP Workshop February 2010 yves.robert@ens-lyon.fr, shirazi@wsu.edu February 2010 Introductory Course 1/ 12

313 views • 12 slides
Web Strategy What It Is & Why We Need to Care Jason Pamental | @jpamental Future of Web

Web Strategy What It Is & Why We Need to Care Jason Pamental | @jpamental Future of Web

Web Strategy What It Is & Why We Need to Care Jason Pamental | @jpamental Future of Web Design | NYC 2010 .com Wednesday, November 17, 2010 About me Jason Pamental Web Strategist, Designer, Technologist Have worked as strategist,

701 views • 33 slides
CS675: Convex and Combinatorial Optimization Fall 2019 The Simplex Algorithm Instructor: Shaddin

CS675: Convex and Combinatorial Optimization Fall 2019 The Simplex Algorithm Instructor: Shaddin

CS675: Convex and Combinatorial Optimization Fall 2019 The Simplex Algorithm Instructor: Shaddin Dughmi Algorithms for Convex Optimization We will look at 2 algorithms in detail: Simplex and Ellipsoid. If there is time, we might also look at

674 views • 41 slides
Wrapper Learning Wrapper Learning Craig Knoblock University of Southern California This

Wrapper Learning Wrapper Learning Craig Knoblock University of Southern California This

Wrapper Learning Wrapper Learning Craig Knoblock University of Southern California This presentation is based on slides prepared by Ion Muslea and Chun-Nan Hsu Wrappers & Information Agents Wrappers & Information Agents Thai GIVE ME

807 views • 70 slides
Web Data Extraction Craig Knoblock University of Southern California This presentation is based

Web Data Extraction Craig Knoblock University of Southern California This presentation is based

Web Data Extraction Craig Knoblock University of Southern California This presentation is based on slides prepared by Ion Muslea and Kristina Lerman Extracting Data from Semi- structured Sources Casablanca Restaurant NAME STREET 220 Lincoln

742 views • 31 slides

More recommend