canine
play

CANINE A NetFlows Conversion/Anonymization Tool for Format - PowerPoint PPT Presentation

Dec 17, 2023 •355 likes •508 views

CANINE A NetFlows Conversion/Anonymization Tool for Format Interoperability and Secure Sharing Katherine Luo*, Yifan Li, Adam Slagell, William Yurick SIFT Research Group National Center for Supercomputing Applications (NCSA) University of

  1. CANINE A NetFlows Conversion/Anonymization Tool for Format Interoperability and Secure Sharing Katherine Luo*, Yifan Li, Adam Slagell, William Yurick SIFT Research Group National Center for Supercomputing Applications (NCSA) University of Illinois at Urbana-Champaign FloCon05, Sep. 20, 2005 National Center for Supercomputing Applications

  2. Motivations • NetFlows in multiple, incompatible formats – Network security monitoring tools usually support one or two NetFlows format – Need conversion of NetFlows between different formats • Sensitive network information hinders log sharing – Log sharing necessary for research and study – Need anonymization of sensitive data fields National Center for Supercomputing Applications

  3. Our Solution: CANINE Tool • CANINE: Converter and ANonymizer for Investigating Netflow Events • Handles several NetFlow formats – Cisco V5 & V7, ArgusNCSA, CiscoNCSA, NFDump • Anonymizes 5 types of data fields – IP, Timestamp, Port, Protocol and Byte Count • Multiple anonymization levels – Various anonymization methods for some data field National Center for Supercomputing Applications

  4. System Architecture of CANINE National Center for Supercomputing Applications

  5. Main GUI of CANINE National Center for Supercomputing Applications

  6. Conversion & Anonymization Engine • Conversion Engine – Parse the input NetFlow record into component data fields before anonymization – Reassemble the anonymized data component to desired NetFlow format • Anonymization Engine – Contain a collection of anonymization algorithms – Anonymize data fields with designated methods National Center for Supercomputing Applications

  7. IP Address Anonymization • Truncation – Zeroing out any number of LSBs • Random Permutation – Generate a random IP number seeded by user input • Prefix-preserving Pseudonymization – Match on n-bit prefix, based on Crypto-PAn IP Address Truncation Random Prefix-preserving Permutation (16-bit) 141.142.96.167 141.142.0.0 124.12.132.37 12.131.102.67 141.142.96.18 141.142.0.0 231.45.36.167 12.131.102.197 141.142.132.37 141.142.0.0 12.72.8.5 12.131.201.29 National Center for Supercomputing Applications

  8. Timestamp Anonymization • Time Unit Annihilation – Zeroing-out indicated subset of time units on end time – Start time is adjusted to keep the duration unchanged • Random Time Shift – Pick a range for generating random shift – Shift all timestamps by the same amount • Enumeration – Local sorting performs based on end time – Set the slide window size – Records sorted and equidistantly spaced National Center for Supercomputing Applications

  9. Port Number, Protocol, Byte Count Anonymization • Port Number Anonymization – Bilateral classification • Replace with 0 or 65535 (the port smaller or larger than 1024) – Black marker • Replace with 0 • Protocol Anonymization – Black Maker • Replace with 255 (IANA reserved but unused number) • Byte Count Anonymization – Black Marker • Replace with 0 (Impossible value in practice) National Center for Supercomputing Applications

  10. Task Summary Dialog National Center for Supercomputing Applications

  11. Summary and Future Work • CANINE addressed two problems – Convert and anonymize NetFlow logs – Unique due to multiple anonymization levels • Modifications on CANINE – Config file alternative to GUI – Streaming mode processing • Research on multiple levels of anonymization scheme – Utility of the anonymized log – Security of the anonymization schemes National Center for Supercomputing Applications

  12. Download CANINE at http://security.ncsa.uiuc.edu/distribution/ CanineDownLoad.html Thank you! Questions? National Center for Supercomputing Applications

  13. IP Address Anonymization National Center for Supercomputing Applications

  14. Timestamp Anonymization National Center for Supercomputing Applications

  15. Port Number Anonymization •Bilateral classification – Decide the port is ephemeral or not •Black marker National Center for Supercomputing Applications

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Canine Communication Understanding canine body language Understanding canine body language Agenda

Canine Communication Understanding canine body language Understanding canine body language Agenda

4/19/2012 Canine Communication Understanding canine body language Understanding canine body language Agenda Observe behavior objectively y p Identify components of canine body language Putting it all together 1 4/19/2012

699 views • 26 slides
Pregnancy Failure Canine Feline Porcine Dog and cat Canine conceptus Dogs and Cats Zonary

Pregnancy Failure Canine Feline Porcine Dog and cat Canine conceptus Dogs and Cats Zonary

Pregnancy Failure Canine Feline Porcine Dog and cat Canine conceptus Dogs and Cats Zonary placenta sampling Expectations - Dogs Up to 20% mortality 103 puppies from 24 dogs 3 stillborn 11 died within 48 hrs 27,221 female dogs

331 views • 17 slides
Charitable Foundations Impact on Canine Health Shila K. Nordone, PhD and Terry T. Warren, PhD,

Charitable Foundations Impact on Canine Health Shila K. Nordone, PhD and Terry T. Warren, PhD,

The American Boxer Club Charitable Foundations Impact on Canine Health Shila K. Nordone, PhD and Terry T. Warren, PhD, JD CSO and CEO, AKC Canine Health Foundation Overview Financial contribution Highlights of the American Boxer

435 views • 26 slides
Know About the Canine Influenza Outbreak ___________________________________

Know About the Canine Influenza Outbreak ___________________________________

Canine Influenza Outbreak May 7, 2015 ___________________________________ What Animal Shelters Need to ___________________________________ Know About the Canine Influenza Outbreak ___________________________________

398 views • 14 slides
Outline ___________________________________ 2 What is Environmental Enrichment? Goals of

Outline ___________________________________ 2 What is Environmental Enrichment? Goals of

Canine Enrichment: Stress Reduction For Happy and Healthy Shelter Dogs June 23, 2016 ___________________________________ 1 CANINE ENRICHMENT: STRESS ___________________________________

475 views • 18 slides
CANINE KERATITIS ASSOCIATED WITH BRINZOLAMIDE AND DORZOLAMIDE: CLINICAL AND HISTOLOGICAL

CANINE KERATITIS ASSOCIATED WITH BRINZOLAMIDE AND DORZOLAMIDE: CLINICAL AND HISTOLOGICAL

McPherson Eye Research Institute UNIVERSITY OF WISCONSIN MADISON CANINE KERATITIS ASSOCIATED WITH BRINZOLAMIDE AND DORZOLAMIDE: CLINICAL AND HISTOLOGICAL DIAGNOSIS AND TREATMENT B BECKWITH-COHEN, E BENTLEY, DJ GASPER, G MCLELLAN, RR

457 views • 25 slides
Elimination of Canine Transmitted Rabies in Asia and Africa Patricia Bolivar, PhD candidate

Elimination of Canine Transmitted Rabies in Asia and Africa Patricia Bolivar, PhD candidate

Elimination of Canine Transmitted Rabies in Asia and Africa Patricia Bolivar, PhD candidate Epidemiology Walden University Elimination of Canine Transmitted Rabies in Asia and Africa Rabies is one of the worlds oldest preventable

572 views • 30 slides
Taking the Teeth Out of Canine Distemper Virus ___________________________________ Sandra

Taking the Teeth Out of Canine Distemper Virus ___________________________________ Sandra

Taking the Teeth Out of Canine Distemper Virus July 21, 2016 ___________________________________ ___________________________________ ___________________________________ Taking the Teeth Out of Canine Distemper Virus

1.23k views • 24 slides
An Ethical Framework for Thinking about Canine Research and Animal Research More Generally

An Ethical Framework for Thinking about Canine Research and Animal Research More Generally

An Ethical Framework for Thinking about Canine Research and Animal Research More Generally DAVID DEGRAZIA, PH.D. SENIOR RESEARCH FELLOW, DEPARTMENT OF BIOETHICS, NIH ELTON PROFESSOR OF PHILOSOPHY, GWU Disclaimer & Disclosure I speak

480 views • 46 slides
Canine Nutrition: A Practical Approach Relatively speaking, most dogs today eat a more

Canine Nutrition: A Practical Approach Relatively speaking, most dogs today eat a more

Canine Nutrition: A Practical Approach Relatively speaking, most dogs today eat a more nutritional diet than their owners do Nutritional Requirements of the Dog Though a carnivore, the dog utilizes a wide variety of foodstuffs

1.88k views • 78 slides
Canine Atopic Dermatitis Nathan Bollig, DVM Computation and Informatics in Biology and Medicine

Canine Atopic Dermatitis Nathan Bollig, DVM Computation and Informatics in Biology and Medicine

A Machine Learning Tutorial for Veterinarians: Examples Using Canine Atopic Dermatitis Nathan Bollig, DVM Computation and Informatics in Biology and Medicine Postdoctoral Fellow and Ph.D. student, Computer Sciences University of Wisconsin

676 views • 49 slides
Current Developments in Laboratory-based Diagnostics for Canine & Feline Infectious Diseases

Current Developments in Laboratory-based Diagnostics for Canine & Feline Infectious Diseases

Current Developments in Laboratory-based Diagnostics for Canine & Feline Infectious Diseases Dr. Hemant K. Naikare BVSc&AH, MS, PhD, DACVM, MBA Director & Associate Professor Tifton Veterinary Diagnostic & Investigational

1.18k views • 39 slides
The natural SCI model of canine intervertebral disc herniation: Clinical trials of novel

The natural SCI model of canine intervertebral disc herniation: Clinical trials of novel

The natural SCI model of canine intervertebral disc herniation: Clinical trials of novel therapies Nick Jeffery BVSc PhD MSc DipECVS DipECVN FRCVS Why clinical dogs? Increase confidence to translate from laboratory to clinic Dogs are amenable

325 views • 30 slides
Staying Safe around Dogs & Reducing the Risk of Dog Related Injuries Canine Behaviour &

Staying Safe around Dogs & Reducing the Risk of Dog Related Injuries Canine Behaviour &

International Training Programme Staying Safe around Dogs & Reducing the Risk of Dog Related Injuries Canine Behaviour & Research Department Objectives & Learning Outcomes Discuss why and which types of dogs are likely to bite

768 views • 58 slides
An overview of the anatomy of the canine hindlimb Darren Kelly Artwork by Paddy Lennon Original

An overview of the anatomy of the canine hindlimb Darren Kelly Artwork by Paddy Lennon Original

An overview of the anatomy of the canine hindlimb Darren Kelly Artwork by Paddy Lennon Original photos courtesy of Mary Ferguson Students at University College Dublin, School of Veterinary Medicine. Video clip by Dr. David Kilroy Tuesday 2

669 views • 26 slides
An overview of the anatomy of the canine forelimb. Darren Kelly Artwork by Paddy Lennon

An overview of the anatomy of the canine forelimb. Darren Kelly Artwork by Paddy Lennon

An overview of the anatomy of the canine forelimb. Darren Kelly Artwork by Paddy Lennon Original photos courtesy of Mary Ferguson Students at University College Dublin, School of Veterinary Medicine. Tuesday 2 October 12 Tuesday 2 October 12

942 views • 35 slides
Hardware news 2015 Miroslav Kocur Own products HW news RTU & HMI RTU RTUs for control,

Hardware news 2015 Miroslav Kocur Own products HW news RTU & HMI RTU RTUs for control,

www.elvac.eu Hardware news 2015 Miroslav Kocur Own products HW news RTU & HMI RTU RTUs for control, protection, data acquisition and communication Content RTU7C compact unit ELVAC RTU configuration web SMC 133, SMC 144 - class S power

673 views • 34 slides
Automatic Interface Synthesis based on the Classification of Interface Protocols of IPs ChangRyul

Automatic Interface Synthesis based on the Classification of Interface Protocols of IPs ChangRyul

Automatic Interface Synthesis based on the Classification of Interface Protocols of IPs ChangRyul Yun 1 , DongSu Kang 2 , YoungHwan Bae 3 , HanJin Cho 3 , KyoungSon Jhang 2 1 Agency for Defense Development, KOREA 2 Dept. of Computer Engineering,

758 views • 26 slides
DEVELOPMENT STANDARD ADVISORY COMMITTEE Maureen Sheehan City of Seattle Major Institutions and

DEVELOPMENT STANDARD ADVISORY COMMITTEE Maureen Sheehan City of Seattle Major Institutions and

DEVELOPMENT STANDARD ADVISORY COMMITTEE Maureen Sheehan City of Seattle Major Institutions and School Coordinator OBJECTIVES Committee Members Purpose & Intent Meeting Process Schedule Recommendations Roles &

733 views • 28 slides
Proposed Fare Adjustments Public Meetings October 17, 2017 12 noon October 18, 2017 12 noon

Proposed Fare Adjustments Public Meetings October 17, 2017 12 noon October 18, 2017 12 noon

Proposed Fare Adjustments Public Meetings October 17, 2017 12 noon October 18, 2017 12 noon & 6pm October 19, 2017 6pm MEETING PURPOSE Thank you for joining us and participating in this community discussion. The purpose of this

753 views • 23 slides
NetFlow Analysis: Detecting covert channels on the network Detecting malicious traffic by using

NetFlow Analysis: Detecting covert channels on the network Detecting malicious traffic by using

NetFlow Analysis: Detecting covert channels on the network Detecting malicious traffic by using NetFlow data By: Joey Dreijer, Student OS3 5-07-14 1 NetFlow Analysis: Detecting covert channels on the network Gathering NetFlow data

346 views • 16 slides
Vulnerabilities in Dual-mode / Wi-Fi Phones 8/2/07 Sachin Joglekar Vulnerability Research Lead

Vulnerabilities in Dual-mode / Wi-Fi Phones 8/2/07 Sachin Joglekar Vulnerability Research Lead

8/2/07 - sachin joglekar Vulnerabilities in Dual-mode / Wi-Fi Phones 8/2/07 Sachin Joglekar Vulnerability Research Lead 1 8/2/07 - sachin joglekar Outline (Total 60-70 min) Introduction (7 min) Protocol Stack (7 min) Current

449 views • 44 slides
Into a High-Performance, Energy Efficient Data Center DCIM & Monitoring Solutions Beyond

Into a High-Performance, Energy Efficient Data Center DCIM & Monitoring Solutions Beyond

Transforming White Space Into a High-Performance, Energy Efficient Data Center DCIM & Monitoring Solutions Beyond Whitespace Seminar April 27 th , 2014 Presenter: Cam Rogers Director of International & Western US Sales 1 May 4, 2017

650 views • 28 slides
LoRa Wireless Network for the Internet of Things Content 1) The Internet of Things 2) Low-Power

LoRa Wireless Network for the Internet of Things Content 1) The Internet of Things 2) Low-Power

LoRa Wireless Network for the Internet of Things Content 1) The Internet of Things 2) Low-Power Wide-Area Network (LPWAN) 3) LoRa Architecture Layers Limitations 4) Other LPWAN Technologies 5) Conclusion 2 The Internet of Things

10.73k views • 27 slides

More recommend