URL: http://portal.acm.org/citation.cfm?id=1271241 ENTRY DATE: 2008-06-16 ABSTRACT: Passive network monitoring that observes user traffic has many advantages over active monitoring that uses test packets. It can provide characteristics of real user traffic, that cannot be detected actively. However, when processing user traffic, wemust guarantee user privacy. This is a task of packet header anonymization that removes sensitive information, while keeping as much as possible of the original traffic properties. In this paper we present design and implementation of an FPGA-based packet header anonymization that unlike previous approaches operates in real time and prevents sensitive information from getting to the monitoring PC and beyond.