Anonymization of IP Traffic Monitoring Data: Attacks on Two Prefix-Preserving Anonymization Schemes and Some Proposed Remedies

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3856)


In our search for anonymization solutions for passive measurement data in the context of the LOBSTER passive network monitoring project, we discovered attacks against two initially promising candidates for IP address anonymization. We present a suite of three algorithms employing packet injection and frequency analysis, which can compromise individual addresses protected with prefix-preserving anonymization in multilinear time. We present two algorithms to counter our attacks. These methods support gradual release of topological information, as required by some applications. We also introduce an algorithm that strengthens some hash-based anonymization methods.


Hash Function Block Cipher Destination Address Binary Search Tree IPv4 Address 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 4 (1981)Google Scholar
  2. 2.
    Pfitzmann, A., Köhntopp, M.: Anonymity, unobservability, and pseudonymity - A proposal for terminology. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, p. 1. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  3. 3.
    Biskup, J., Flegel, U.: On pseudonymization of audit data for intrusion detection. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, p. 161. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  4. 4.
    Sobirey, M., Fischer-Hübner, S., Rannenberg, K.: Pseudonymous audit for privacy enhanced intrusion detection. In: SEC, pp. 151–163 (1997)Google Scholar
  5. 5.
    Peuhkuri, M.: A method to compress and anonymize packet traces. In: Internet Measurement Workshop, San Francisco, California, USA, pp. 257–261 (2001)Google Scholar
  6. 6.
    Xu, J., Fan, J., Ammar, M., Moon, S.B.: On the design and performance of prefix-preserving ip traffic trace anonymization. In: Proceedings of the ACM SIGCOMM Internet Measurement Workshop 2001 (2001)Google Scholar
  7. 7.
    Xu, J., Fan, J., Ammar, M., Moon, S.B.: Prefix-preserving ip address anonymization: Measurement-based security evaluation and a new cryptography-based scheme. In: ICNP 2002 (2002)Google Scholar
  8. 8.
    Menezes, A.J., van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)CrossRefzbMATHGoogle Scholar
  9. 9.
    Slagell, A., Wang, J., Yurick, W.: Network log anonymization: Application of Crypto-PAn to Cisco Netflows. In: IEEE Workshop on Secure Knowledge Management (SKM) (2004)Google Scholar
  10. 10.
    Raymond, J.-F.: Traffic analysis: Protocols, attacks, design issues, and open problems. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, p. 10. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  11. 11.
    Forte, D.: Using tcpdump and sanitize for system security. Login 26 (2001)Google Scholar
  12. 12.
    Cho, K., Mitsuya, K., Kato, A.: Traffic data repository at the WIDE project. In: Proceedings of FREENIX Track: 2000 USENIX Annual Technical Conference, pp. 263–270 (2000)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  1. 1.Centre for Quantifiable Quality of Service in Communication SystemsNorwegian University of Science and TechnologyTrondheimNorway
  2. 2.Uninett ASTrondheimNorway

Personalised recommendations