PrefixPreserving IP Address Anonymization: Measurementbased Security Evaluation and a New Cryptograp

About This Presentation
Title:

PrefixPreserving IP Address Anonymization: Measurementbased Security Evaluation and a New Cryptograp

Description:

a'i = ai fi-1(a1, a2, ... , ai-1) f0 is a constant ... fi(a1, a2, ... , ai-1) := L(R(P(a1a2...ai-1), K)) 13. Attacks on Anonymization Schemes ... –

Number of Views:39
Avg rating:3.0/5.0
Slides: 21
Provided by: sbm59
Category:

less

Transcript and Presenter's Notes

Title: PrefixPreserving IP Address Anonymization: Measurementbased Security Evaluation and a New Cryptograp


1
Prefix-Preserving IP Address AnonymizationMeasur
ement-based Security Evaluation and a
NewCryptography-based Scheme
  • Jun Xu, Jinliang Fan, Mostafa Ammar, Sue Moon
  • College of Computing
    Sprint ATL
  • Georgia Tech

modified presented by Zihui Ge
2
Overview
  • Motivation
  • IP address anonymization
  • prefix-preserving
  • Prefix-preserving anonymization
  • canonical form
  • TCPdpriv
  • cryptography-based scheme
  • Attacks
  • models, analysis, evaluation

3
Motivation
  • Traces collected, to share or not to share?
  • client personal privacy?
  • commercial confidentiality?
  • IP address anonymization
  • 1.2.3.4 ? 8.4.3.6
  • one to one mapping, consistent
  • Prefix relationships among IP addresses?
  • important routing performance, clustering of
    end-systems
  • Prefix-preserving anonymization
  • 1.2.3.4 ? 8.4.3.6
  • 1.2.255.2 ? 8.4.9.6
  • preserve prefix correlation among addresses

4
IP Address Anonymization
  • Basic anonymization
  • a original 4-byte IP address a a1 a2 a32
  • a anonymized IP address aa1a2a32
  • F 1-to-1 mapping function aF(a)
  • Prefix preserving anonymization
  • if a, b share k-bit prefix
  • a1b1,a2b2, , akbk, ak1bk1
  • then aF(a), bF(b) share k-bit prefix
  • a1b1,a2b2, , akbk, ak1bk1

5
Canonical Form
  • Canonical construction of F using a series of fi
  • ai ai ? fi-1(a1, a2, , ai-1)
  • f0 is a constant
  • F is a prefix-preserving anonymization function
  • A prefix-preserving anonymization function
    necessarily takes this form
  • Different schemes use different fi
  • Visualized as a tree

6
Visualization Address Space
0
1
0
1
0
1
0100
0111
0101
0110
1000
1011
1001
1010
1100
1111
1101
1110
0000
0011
0001
0010
7
Visualization Original Address Tree
0
1
0
1
0
1
0100
0101
1000
1011
1111
1110
0000
0001
0010
8
Visualization Anonymization Function
f0()1
0
1
f1(1)0
f1(0)1
0
1
0
1
f2(0,0)0
Flip
Leaf Node
9
Visualization Anonymized Address Tree
0
1
0
1
0
1
0100
0101
1000
1011
1111
1110
0000
0001
0010
10
TCPdpriv
  • Sequentially scan IP address
  • look up prefix in history table
  • randomly choose suffix
  • concatenate prefix,suffix update history table

a1a2akak1aK2an
rand(a1a2akak1an)
11
TCPdpriv
  • Sequentially scan IP address
  • look up prefix in history table
  • randomly choose suffix
  • concatenate prefix,suffix update history table
  • Mapping is trace-dependent
  • Need to maintain a table to track previous
    mappings
  • table size grow over time
  • look up cost increase over time
  • Unable to process in parallel

12
New Crytography-Based Algorithm
fi(a1, a2, , ai-1) L(R(P(a1a2ai-1), K))
L least significant bit R pseudo-random
function P secret padding K secret key
  • deterministic fi function
  • trace-independent
  • What PRF to use?
  • Practical bock ciphers, e.g., AES, can be
    modeled as PRP

13
Attacks on Anonymization Schemes
  • Cryptographic attacks
  • scheme specific
  • vulnerability comes from the specific
    construction of fi
  • TCPdpriv not susceptible
  • our scheme provable secure
  • Semantic attacks
  • common to all schemes
  • vulnerability comes from the canonical
    construction of F
  • effectiveness should be measured

14
Evaluation of Semantic Attacks
  • Metrics to measure effect of attacks
  • Virtual (but theoretically interesting) attacks
  • good measure of the resistance of a specific
    trace to semantic attacks in general
  • good relative reference points for measuring the
    effectiveness of practical attacks.
  • Practical attacks

15
Metrics to Measure Effect of Attacks
  • Measure of attack severity
  • U of unknown uncompressed bits
  • C of unknown compressed bits
  • Ki of addresses with exactly i known most
    significant bit

16
If an address is compromised
1000
1001
0010
0000
0110
0111
1100
1101
1111
0010
1???
000?
C9, U18, K14, K22, K32, K41
17
Evaluation on Real Traces
  • Measure the resistance of a specific trace to
    semantic attacks in general
  • Effect of compromising random address
  • Effect of compromising greedily-generated address

18
Effect of Compromising Random Addresses
19
Practical Attacks
  • Frequency Analysis
  • DNS Server Address Tracing
  • Others

20
Conclusions
  • Canonical form of constructing prefix-preserving
    anonymization function
  • New cryptography-based scheme
  • Framework of measuring the resistance of traces
    and the effectiveness of attacks
  • Implementation
  • http//www.cc.gatech.edu/computing/Telecomm/crypto
    pan/
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2025 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The : "PrefixPreserving IP Address Anonymization: Measurementbased Security Evaluation and a New Cryptograp" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!