FLAIM: A Multi-level Anonymization Framework for Computer and Network Logs

FLAIM (Framework for Log Anonymization and Information Management) addresses two important needs not well addressed by current log anonymizers. First, it is extremely modular and not tied to the specific log being anonymized. Second, it supports multi-level anonymization, allowing system administrators to make fine-grained trade-offs between information loss and privacy/security concerns. In this paper, we examine anonymization solutions to date and note the above limitations in each. We further describe how FLAIM addresses these problems, and we describe FLAIM's architecture and features in detail.Comment: 16 pages, 4 figures, in submission to USENIX Lis

Privacy-preserving network monitoring at high-speed

Network monitoring represents a key step for several applications, such as cyber-security and traffic engineering. Examples of the data include packet traces captured in the network and log files obtained from services like the DNS and BGP. It is widely known that monitoring may expose privacy-sensitive information. Deep packet inspection, for example, exposes the destination servers contacted by users, and non-encrypted fields of certain protocols, such as Service Name Indication (SNI) in TLS handshakes. New privacy regulations (e.g. GDPR) impose strict rules when handling data that carry privacy-sensitive information. They guarantee the protection of personal data, provide the interested parties certain rights, and assign powers to the regulators to enforce them. As network monitoring data carries information that reveals users' identity, it must be treated in the light of these regulations. Network monitoring infrastructure must guarantee that sensitive information is not leaked or, preferably, must not collect any unnecessary data that may threat users' privacy. Historically, the solution to these problems has been anonymization -- i.e., replacing sensitive fields with obfuscated copies. This approach however has two drawbacks: First, anonymization reduces the value of the collected information. For instance, while anonymizing client and server IP addresses in traffic logs helps to protect privacy, it renders it impossible to evaluate particular services that could be identified by their server IP addresses. Second, anonymization of protocol fields in isolation is not sufficient, as users' identity might be revealed by subtler techniques. For example, even if one obfuscates the client IP addresses in DNS traffic logs, the set of hostnames resolved by a client (if exposed in the logs) may still help to uncover identities. We are building a flexible tool that exposes to monitors only the information strictly required, thus reducing at the source risks to people's privacy. Our solution satisfies three requirements: (i)~it automatically searches for protocol fields that can be linked to particular users; (ii)~it anonymizes information considering all protocol stack, and uses a stateful approach, employing k-anonymization algorithms; (iii)~it is light-weight and scalable, thus deployable in high-speed links at multiple Gb/s. Our solution is based on the Intel Data Plane Development Kit, a set of libraries and drivers for fast packet processing. We have built a prototype that is deployed in a campus network. At the present, the prototype is able to handle multiple 10~Gb/s links with zero packet losses, performing several anonymization steps on packets. Anonymized packets are forwarded to legacy monitoring systems that receive information already deprived of privacy sensitive fields. We are testing k-anonymization approaches to perform selective anonymization of sensitive fields, such as TLS SNIs and server IP addresses, with the aim to obfuscate only cases in which the information helps to uncover users behind the traffic. In this poster we will present our architecture and system design, as well as show preliminary results of the prototype deployment

Anonymizing cybersecurity data in critical infrastructures: the CIPSEC approach

Cybersecurity logs are permanently generated by network devices to describe security incidents. With modern computing technology, such logs can be exploited to counter threats in real time or before they gain a foothold. To improve these capabilities, logs are usually shared with external entities. However, since cybersecurity logs might contain sensitive data, serious privacy concerns arise, even more when critical infrastructures (CI), handling strategic data, are involved. We propose a tool to protect privacy by anonymizing sensitive data included in cybersecurity logs. We implement anonymization mechanisms grouped through the definition of a privacy policy. We adapt said approach to the context of the EU project CIPSEC that builds a unified security framework to orchestrate security products, thus offering better protection to a group of CIs. Since this framework collects and processes security-related data from multiple devices of CIs, our work is devoted to protecting privacy by integrating our anonymization approach.Peer ReviewedPostprint (published version

α-MON: Traffic Anonymizer for Passive Monitoring

Packet measurements at scale are essential for several applications, such as cyber-security, accounting and troubleshooting. They, however, threaten users’ privacy by exposing sensitive information. Anonymization has been the answer to this challenge, i.e., replacing sensitive information with obfuscated copies. Anonymization of packet traces, however, comes with some challenges and drawbacks. First, it reduces the value of data. Second, it requires to consider diverse protocols because information may leak from many non-encrypted fields. Third, it must be performed at high speeds directly at the monitor, to prevent private data from leaking, calling for real-time solutions. We present , a flexible tool for privacy-preserving packet monitoring. It replicates input packet streams to different consumers while anonymizing protocol fields according to flexible policies that cover all protocol layers. Beside classic anonymization mechanisms such as IP address obfuscation, supports z-anonymization, a novel solution to obfuscate rare values that can be uniquely traced back to limited sets of users. Differently from classic anonymization approaches, works on a streaming fashion, with zero delay, operating at high-speed links on a packet-by-packet basis. We quantify the impact of on traffic measurements, finding that it introduces minimal error when it comes to finding heavy-hitter services. We evaluate performance using packet traces collected from an ISP network and show that it achieves a sustainable rate of 40 Gbit/s on a Commercial Off-the Shelf server. is available to the community as an open-source project

Exploratory study to explore the role of ICT in the process of knowledge management in an Indian business environment

In the 21st century and the emergence of a digital economy, knowledge and the knowledge base economy are rapidly growing. To effectively be able to understand the processes involved in the creating, managing and sharing of knowledge management in the business environment is critical to the success of an organization. This study builds on the previous research of the authors on the enablers of knowledge management by identifying the relationship between the enablers of knowledge management and the role played by information communication technologies (ICT) and ICT infrastructure in a business setting. This paper provides the findings of a survey collected from the four major Indian cities (Chennai, Coimbatore, Madurai and Villupuram) regarding their views and opinions about the enablers of knowledge management in business setting. A total of 80 organizations participated in the study with 100 participants in each city. The results show that ICT and ICT infrastructure can play a critical role in the creating, managing and sharing of knowledge in an Indian business environment

Strengthening Privacy and Cybersecurity through Anonymization and Big Data

L'abstract è presente nell'allegato / the abstract is in the attachmen