Data Anonymization
Privacy, security, legal, proprietary ownership, and other economic
complications often prevent distribution of Internet data. This
section describes the benefits and drawbacks of data anonymization
efforts in general as well as detailing specific anonymization
techniques.
CAIDA's research on anonymization techniques and implications is supported by the
PREDICT project.
Data sharing requires balancing many privacy, security, and legal interests. Anonymization of data can mitigate privacy and security concerns and comply with legal requirements. Anonymization is not invulnerable; countermeasures that compromise current anonymization techniques can expose protected information in released datasets.
Data Sharing and Anonymization Reading List
- Anonymization Techniques
- Ruoming Pang, Mark Allman, Vern Paxson, Jason Lee, "The Devil and Packet Trace Anonymization", ACM SIGCOMM Computer Communication Review Archive Volume 36 , Issue 1 January 2006
- Jinliang Fan, Jun Xu, Mostafa H. Ammar, Sue B. Moon, "Prefix-Preserving IP Address Anonymization", Computer Networks, Volume 46, Issue 2 , 7 October 2004, Pages 253-272, Elsevier
- Jun Xu, Jinliang Fan, Mostafa Ammar, Sue B. Moon, "On the Design and Performance of Prefix-Preserving IP Traffic Trace Anonymization",ACM SIGCOMM Internet Measurement Workshop 2001
- Jun Xu, Jinliang Fan, Mostafa Ammar, Sue B. Moon, "Prefix-Preserving IP Address Anonymization: Measurement-based Security Evaluation and a New Cryptography-based Scheme", Proceedings of the IEEE International Conference on Network Protocols, Paris, 2002
- De-anonymization Techniques
- Scott E. Coull, Charles V. Wright, Fabian Monrose, Michael P. Collins, Michael K. Reiter, "Playing Devil's Advocate: Inferring Sensitive Information from Anonymized Network Traces"
- Jeffrey Pang, Ben Greenstein, Srinivasan Seshan, Ramakrishna Gummadi, David Wetherall, "802.11 User Fingerprinting", Proceedings of the 13th annual ACM international conference on Mobile computing and networking, Montreal, 2007
- Alternatives to Anonymization
- Jeffrey C. Mogul, Martin Arlitt, "SC2D: An Alternative to Trace Anonymization", Sigcomm 2006
- Econonmic, Legal and Policy Issues
- Paul Ohm, Douglas Sicker, Dirk Grunwald, "Legal Issues Surrounding Monitoring During Network Research (Invited Paper)", IMC 2007
- Jason Franklin, Adrian Perrig, Vern Paxson, Stefan Savage, "An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants", Conference on Computer and Communications Security Archive Proceedings of the 14th ACM Conference on Computer and Communications Security, 2007
- Burstein, Aaron J., "Toward a Culture of Cybersecurity Research" (2008). SSRN: http://ssrn.com/abstract=1113014
- Burstein, Aaron J., "Conducting Cybersecurity Research Legally and Ethically"
- Privacy
- Gregory Conti, "Googling Considered Harmful", New Security Paradigms Workshop; October 2006
- Maurizio Dusi, Francesco Gringoli, Luca Salgarelli, "A Preliminary Look at the Privacy of SSH Tunnels", ICCCN; August 2008
- Data Sharing
- ErinKenneally, k claffy, "An Internet Data Sharing Framework For Balancing Privacy and Utility", Engaging Data: First International Forum on the Application and Management of Personal Electronic Information, October, 2009
- Erin Kenneally, Michael Baily, Douglas Maughan, "A Framework for Understanding and Applying Ethical Principles in Network and Security Research", Workshop on Ethics in Computer Security Research, January 2010
- Erin Kenneally, k claffy, "Dialing privacy and utility: a proposed data-sharing framework to advance Internet research", IEEE Security and Privacy, vol. 8, no. 4, pp. 31-39, July 2010