|
ABSTRACT:
|
Releasing network measurement data---including packet traces---to the
research community is a virtuous activity that promotes solid
research. However, in practice, releasing anonymized packet traces for
public use entails many more vexing considerations than just the usual
notion of how to scramble IP addresses to preserve privacy. Publishing
traces requires carefully balancing the security needs of the
organization providing the trace with the research usefulness of the
anonymized trace. In this paper we recount our experiences in (i)
securing permission from a large site to release packet header traces of
the site's internal traffic, (ii) implementing the corresponding
anonymization policy, and (iii) validating its correctness. We present a
general tool, tcpmkpub, for anonymizing traces, discuss the process used
to determine the particular anonymization policy, and describe the use
of metadata accompanying the traces to provide insight into features
that have been obfuscated by anonymization
|