Skip to main content

DPNeT: Differentially Private Network Traffic Synthesis with Generative Adversarial Networks

Part of the Lecture Notes in Computer Science book series (LNISA,volume 12840)

Abstract

High quality network traffic data can be shared to enable knowledge discovery and advance cyber defense research. However, due to its sensitive nature, ensuring safe sharing of such data has always been a challenging problem. Current approaches for sharing networking data present several limitations to balance privacy (e.g., information leakage) and utility (e.g., availability and usefulness). To overcome those limitations, we develop DPNeT, a network traffic synthesis solution that generates high-quality network flows and satisfies (\(\epsilon \), \(\delta \))-differential privacy. We adopt generative adversarial networks (GANs) to capture the characteristics of real network flows and a similarity-preserving embedding model for mixed-type attributes. Furthermore, we propose new techniques to improve the outcome of differentially private learning and provide the privacy analysis of the overall solution. Through a comprehensive evaluation with large-scale network flow data, we demonstrate that our solution is capable of producing realistic network flows.

Keywords

  • Differential privacy
  • Generative adversarial networks
  • Network flow generation

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-81242-3_1
  • Chapter length: 19 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   84.99
Price excludes VAT (USA)
  • ISBN: 978-3-030-81242-3
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   109.99
Price excludes VAT (USA)
Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.

Notes

  1. 1.

    Proof omitted for brevity; it is similar to the proof of Report Noisy Max [7].

  2. 2.

    http://www.hs-coburg.de/cidds.

References

  1. Abadi, M., et al.: Deep learning with differential privacy. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 308–318 (2016)

    Google Scholar 

  2. Beaulieu-Jones, B.K., et al. : Privacy-preserving generative deep neural networks support clinical data sharing. Circul. Cardiovasc. Qual. Outcomes 12(7), e005122 (2019)

    Google Scholar 

  3. Brekne, T., Årnes, A., Øslebø, A.: Anonymization of IP traffic monitoring data: attacks on two prefix-preserving anonymization schemes and some proposed remedies. In: Danezis, G., Martin, D. (eds.) PET 2005. LNCS, vol. 3856, pp. 179–196. Springer, Heidelberg (2006). https://doi.org/10.1007/11767831_12

    CrossRef  Google Scholar 

  4. Chawla, N.V., Lazarevic, A., Hall, L.O., Bowyer, K.W.: SMOTEBoost: improving prediction of the minority class in boosting. In: Lavrač, N., Gamberger, D., Todorovski, L., Blockeel, H. (eds.) PKDD 2003. LNCS (LNAI), vol. 2838, pp. 107–119. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-39804-2_12

    CrossRef  Google Scholar 

  5. Chen, Y., Trappe, W., Martin, R.P.: Detecting and localizing wireless spoofing attacks. In: 2007 4th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks, pp. 193–202. IEEE (2007)

    Google Scholar 

  6. Coull, S.E., et al.: Playing devil’s advocate: inferring sensitive information from anonymized network traces. Ndss 7, 35–47 (2007)

    Google Scholar 

  7. Dwork, C., Roth, A., et al.: The algorithmic foundations of differential privacy. Found. Trends Theor. Comput. Sci. 9(3–4), 211–407 (2014)

    Google Scholar 

  8. Fan, L.: A survey of differentially private generative adversarial networks. In: The AAAI Workshop on Privacy-Preserving Artificial Intelligence (2020)

    Google Scholar 

  9. Fredrikson, M., Jha, S., Ristenpart, T.: Model inversion attacks that exploit confidence information and basic countermeasures. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 1322–1333. ACM (2015)

    Google Scholar 

  10. Goodfellow, I., et al.: Generative adversarial nets. In: Advances in Neural Information Processing Systems, pp. 2672–2680 (2014)

    Google Scholar 

  11. Gulrajani, I., Ahmed, F., Arjovsky, M., Dumoulin, V., Courville, A.C.: Improved training of Wasserstein gans. In: Advances in Neural Information Processing Systems, pp. 5767–5777 (2017)

    Google Scholar 

  12. Hayes, J., Melis, L., Danezis, G., De Cristofaro, E.: Logan: membership inference attacks against generative models. Proc. Privacy Enhan. Technol. 2019(1), 133–152 (2019)

    CrossRef  Google Scholar 

  13. King, J., Lakkaraju, K., Slagell, A.: A taxonomy and adversarial model for attacks against network log anonymization. In: Proceedings of the 2009 ACM Symposium on Applied Computing, pp. 1286–1293 (2009)

    Google Scholar 

  14. Li, J., Zhou, L., Li, H., Yan, L., Zhu, H.: Dynamic traffic feature camouflaging via generative adversarial networks. In: 2019 IEEE Conference on Communications and Network Security (CNS), pp. 268–276. IEEE (2019)

    Google Scholar 

  15. Li, Y., Slagell, A., Luo, K., Yurcik, W.: Canine: a combined conversion and anonymization tool for processing netflows for security. In: International Conference on Telecommunication Systems Modeling and Analysis. vol. 21 (2005)

    Google Scholar 

  16. Lippmann, R.P., et al.: Evaluating intrusion detection systems: the 1998 Darpa off-line intrusion detection evaluation. In: Proceedings DARPA Information Survivability Conference and Exposition (DISCEX 2000). vol. 2, pp. 12–26. IEEE (2000)

    Google Scholar 

  17. McSherry, F., Mahajan, R.: Differentially-private network trace analysis. ACM SIGCOMM Comput. Commun. Rev. 40(4), 123–134 (2010)

    CrossRef  Google Scholar 

  18. Mikolov, T., Sutskever, I., Chen, K., Corrado, G.S., Dean, J.: Distributed representations of words and phrases and their compositionality. In: Advances in Neural Information Processing Systems, pp. 3111–3119 (2013)

    Google Scholar 

  19. Mohammady, M., Wang, L., Hong, Y., Louafi, H., Pourzandi, M., Debbabi, M.: Preserving both privacy and utility in network trace anonymization. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 459–474 (2018)

    Google Scholar 

  20. Pang, R., Allman, M., Paxson, V., Lee, J.: The devil and packet trace anonymization. ACM SIGCOMM Comput. Commun. Rev. 36(1), 29–38 (2006)

    CrossRef  Google Scholar 

  21. Riboni, D., Villani, A., Vitali, D., Bettini, C., Mancini, L.V.: Obfuscation of sensitive data in network flows. In: 2012 Proceedings IEEE INFOCOM, pp. 2372–2380. IEEE (2012)

    Google Scholar 

  22. Ring, M., Dallmann, A., Landes, D., Hotho, A.: Ip2vec: learning similarities between IP addresses. In: 2017 IEEE International Conference on Data Mining Workshops (ICDMW), pp. 657–666. IEEE (2017)

    Google Scholar 

  23. Ring, M., Schlör, D., Landes, D., Hotho, A.: Flow-based network traffic generation using generative adversarial networks. Comput. Secur. 82, 156–172 (2019)

    CrossRef  Google Scholar 

  24. Ring, M., Wunderlich, S., Grüdl, D., Landes, D., Hotho, A.: Flow-based benchmark data sets for intrusion detection. In: Proceedings of the 16th European Cnference on Cyber Warfare and Security, pp. 361–369 (2017)

    Google Scholar 

  25. Shahid, M.R., Blanc, G., Jmila, H., Zhang, Z., Debar, H.: Generative deep learning for internet of things network traffic generation. In: 2020 IEEE 25th Pacific Rim International Symposium on Dependable Computing (PRDC), pp. 70–79 (2020). https://doi.org/10.1109/PRDC50213.2020.00018

  26. Shokri, R., Stronati, M., Song, C., Shmatikov, V.: Membership inference attacks against machine learning models. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 3–18. IEEE (2017)

    Google Scholar 

  27. Son, S., Shmatikov, V.: The hitchhiker’s guide to DNS cache poisoning. In: International Conference on Security and Privacy in Communication Systems, pp. 466–483. Springer (2010)

    Google Scholar 

  28. Torkzadehmahani, R., Kairouz, P., Paten, B.: DP-CGAN: differentially private synthetic data and label generation. In: The IEEE Conference on Computer Vision and Pattern Recognition (CVPR) Workshops (2019)

    Google Scholar 

  29. Wright, C., Monrose, F., Masson, G.M.: Hmm profiles for network traffic classification. In: Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security, pp. 9–15 (2004)

    Google Scholar 

  30. Xu, J., Fan, J., Ammar, M., Moon, S.B.: On the design and performance of prefix-preserving ip traffic trace anonymization. In: Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement, pp. 263–266 (2001)

    Google Scholar 

Download references

Acknowledgements

The authors would like to thank the anonymous reviewers for their suggestions and comments. This work has been supported in part by NSF CNS-1949217, NSF CNS-1951430, and UNC Charlotte. The opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the sponsors.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Liyue Fan .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2021 IFIP International Federation for Information Processing

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Fan, L., Pokkunuru, A. (2021). DPNeT: Differentially Private Network Traffic Synthesis with Generative Adversarial Networks. In: Barker, K., Ghazinour, K. (eds) Data and Applications Security and Privacy XXXV. DBSec 2021. Lecture Notes in Computer Science(), vol 12840. Springer, Cham. https://doi.org/10.1007/978-3-030-81242-3_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-81242-3_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-81241-6

  • Online ISBN: 978-3-030-81242-3

  • eBook Packages: Computer ScienceComputer Science (R0)