On the Privacy Risks of Publishing Anonymized IP Network Traces.
Authors:	D. Koukis Spyros Antonatos Kostas G. Anagnostakis
Published:	Communications and Multimedia Security, 2006
URL:	http://dcs.ics.forth.gr/Activities/papers/2006.CMS.trace-anonymization.pdf
ENTRY DATE:	2008-06-16
ABSTRACT:	Networking researchers and engineers rely on network packet traces for understanding network behavior, developing models, and evaluating network p erformance. Although the bulk of published packet traces implement a form of address anonymization to hide sensitive information, it has been unclear if such anonymization techniques are sufficient to address the privacy concerns of users and organizations. In this pap er we attempt to quantify the risks of publishing anonymized packet traces. In particular, we examine whether statistical identification techniques can be used to uncover the identities of users and their surfing activities from anonymized packet traces. Our results show that such techniques can be used by any Web server that is itself present in the packet trace and has suficient resources to map out and keep track of the content of popular Web sites to obtain information on the network-wide browsing b ehavior of its clients. Furthermore, we discuss how scan sequences identified in the trace can easily reveal the mapping from anonymized to real IP addresses.