A Generic Anonymization Framework for Network Traffic

Lack of trust is one of the main reasons for the limited cooperation between different organizations. The privacy of users is of paramount importance to administrators and organizations, which are reluctant to cooperate between each other and exchange network traffic traces. The main reasons behind reluctance to exchange monitored data are the protection of the users´ privacy and the fear of information leakage about the internal infrastructure. Anonymization is the technique to overcome this reluctance and enhance the cooperation between different organizations with the smooth exchange of monitored data. Today, several organizations provide network traffic traces that are anonymized by software utilities or ad-hoc solutions that offer limited flexibility. The result of this approach is the creation of unrealistic traces, inappropriate for use in evaluation experiments. Furthermore, the need for fast on-line anonymization has recently emerged as cooperative defense mechanisms have to share network traffic. Our effort focuses on the design and implementation of a generic and flexible anonymization framework that provides extended functionality, covering multiple aspects of anonymization needs and allowing fine-tuning of privacy protection level. The proposed framework is composed by an anonymization application programming interface (AAPI). The performance results show that AAPI outperforms existing tools, while offering significantly more anonymization primitives.