ip address anonymization

34
Chulalongkor n University Wongyos Keardsri Department of Computer Engineering Faculty of Engineering, Chulalongkorn University Bangkok, Thailand E-mail: [email protected] An IP Address Anonymization An IP Address Anonymization Scheme Based on Privacy Scheme Based on Privacy Levels Levels Ph.D. Seminar, August 5, 2011

Upload: wongyos-keardsri

Post on 25-May-2015

289 views

Category:

Technology


0 download

DESCRIPTION

IP address anonymization

TRANSCRIPT

Page 1: IP address anonymization

Chulalongkorn University

Wongyos Keardsri

Department of Computer EngineeringFaculty of Engineering, Chulalongkorn UniversityBangkok, ThailandE-mail: [email protected]

An IP Address An IP Address Anonymization Scheme Anonymization Scheme

Based on Privacy LevelsBased on Privacy Levels

Ph.D. Seminar, August 5, 2011

Page 2: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri2

OutlineOutline

• Introduction• Literature Reviews• Anonymization Scheme• Privacy Levels• Anonymization Factors

• Privacy Tree Structures• Network Analysis Functions• Computer Law

• Rule-Based Combination• Results and Discussions• Conclusion

Page 3: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri3

• Network Traffic Analysis Packet Sniffer

IP: 161.200.92.41

IP: 161.200.92.30

IP: 161.200.92.59

IP: 161.200.92.62

IP: 161.200.92.45

Capture packetsCapture packets

Analyze packetsAnalyze packets

Anonymize packetsAnonymize packets

IntroductionIntroduction

Page 4: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri4

• IP Address AnonymizationTo reform the original IP address to the anonymized IP address

Original IP AddressOriginal IP Address

Anonymization ProcessAnonymization Process

Anonymized IP AddressAnonymized IP Address

Introduction (Cont)Introduction (Cont)

161.200.93.37161.200.93.37

Anonymization ProcessAnonymization Process

74.97.120.9674.97.120.96

Page 5: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri5

• Proposed Anonymization Methods

1990-19951990-1995 One-to-one mapping algorithms (Hash Function, MD5)One-to-one mapping algorithms (Hash Function, MD5)

19961996 TCPdpriv methodGreg Minshall

Literature ReviewsLiterature Reviews

20022002 Crypto-PAn methodJun Xu

20062006 MAL methodQianli Zhang

20072007 TSA methodR. Ramaswamy

Page 6: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri6

Literature ReviewsLiterature Reviews (Cont)(Cont)

• Review of the previous works Anonymize all 32 bits of IP address

unnecessarily Unsuitable for network analysis functions Uncover with computer law

We can anonymize some appropriate bit or parts of IP address

Page 7: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri7

Anonymization SchemeAnonymization Scheme

• Our Anonymization Scheme

Anonymization Factors(1) Privacy Tree Structures(2) Network Analysis Functions(3) Computer Law

Original IP Address

Anonymized IP Address

Privacy

Levels

Rule-BasedCombinati

on

Page 8: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri8

• This research proposes a new IP address anonymization scheme by considering and using privacy levels

• To consider the IP address structure 255 .255 .0 .011111111.11111111.00000000.00000000255 .255 .0 .011111111.11111111.00000000.00000000

Subnet Mask Address

161 .200 .93 .110100001.11001000.01011101.00000001161 .200 .93 .110100001.11001000.01011101.00000001IP Address

161.200.0.0 161.200.0.0 Network Part x.x.93.1 x.x.93.1 Host Part

Network PartNetwork Part Host PartHost PartLeft bits Right bits

Privacy LevelsPrivacy Levels

Page 9: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri9

• Privacy Levels Non-anonymization n-Left anonymization n-Right anonymization Full anonymization Randomly full anonymization

Left bits Right bits

XXXXXXXXXXXXXXXX

XXXXXXXXXXXXXXXX

XXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXX

RRRRRRRRRRRRRRRR RRRRRRRR RRRRRRRR

• We anonymize the necessary bits or parts of IP address with the different privacy levels

• We define the privacy levels into 5 levels

Privacy LevelsPrivacy Levels (Cont)(Cont)

Page 10: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri10

• There are 3 reasons to consider the anonymization factors Do you know about the data which are used to

analyze? Much or little? What do you need to use the data for which

functions? How about the computer law or computer crime act

defines and describes?

• There are 3 anonymization factors IP address structures Network analysis functions Computer law / computer crime act

Anonymization Factors

Page 11: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri11

• Privacy Tree Structure A path from root node to each node is network part of IP address A path under that node is host part of IP address

Given edges are parts of IP address Given nodes are connections of parts

A

Root Node

Reference Node

Network Part

Host Part

Privacy Tree Structure

Page 12: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri12

• Independent subtree

A

Root Node

Reference Node B

A B

• Non-anonymization

Privacy Tree Structure (Cont)

A is referenced IP address of organization which analyzes BB is referenced IP address of organization which is analyzed by A

Page 13: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri13

• Intersection subtree

Root Node

Reference Node

Anonymization part

A B

A B

• n-Left anonymization XXXX

Privacy Tree Structure (Cont)

Page 14: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri14

• Proper subtree (A in B)

A

Root Node

Reference Node

B

BA

• n-Right anonymization XXXX

Anonymization part

Privacy Tree Structure (Cont)

Page 15: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri15

• Proper subtree (B in A)

B

Root Node

Reference NodeAAB

• n-Right anonymization XXXX

Anonymization part

Privacy Tree Structure (Cont)

Page 16: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri16

• Equivalent subtree

Root Node A = B

• Full anonymization

Anonymization part

Reference NodeA = B

XXXX XXXX

Privacy Tree Structure (Cont)

Page 17: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri17

• A Survey of Popular Network Analysis Functions from 6 Selected Tools NTOP, http://www.ntop.org/documentation.html Nagios, http://www.nagios.org/docs/ Tcpdump, http://www.tcpdump.org/ Ethereal, http://www.ethereal.com/docs/ MRTG, http://oss.oetiker.ch/mrtg/ OpenNMS,

http://www.opennms.org/index.php/Documentation

Network Analysis Functions

Page 18: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri18

Network Analysis Functions (Cont)

Group of Functions

Functions Privacy Levels

Resource and Capacity Usages

System performances Non-anonymization

Network bandwidth usages

Capacity planning

Multicast traffic analysis

Proxy management

CPU usages n-Right anonymizationMemory usages

Disk usages

Accounting usage; printer, quota usages

• Network Analysis Functions Details

Page 19: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri19

Network Analysis Functions (Cont)

• Network Analysis Functions Details (Cont)

Group of Functions Functions Privacy Levels

Service Statistics HTTP (1) Non-anonymization (Network Summary)(2) n-Right anonymization (Device Summary)

SNMP

TELNET

POP3

NNTP

ARP / ICMP

FTP

SSH

VoIP

Page 20: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri20

Network Analysis Functions (Cont)

• Network Analysis Functions Details (Cont)

Group of Functions Functions Privacy Levels

Service Statistics(Cont)

P2P (1) Non-anonymization(2) n-Right anonymizationTCP Session History

DNS Full anonymization

System Diagnosis and Anomaly Detection

Intrusion detection Full anonymization

Fault detection

Log analysis

Social network analysis

Behavior analysis

Page 21: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri21

Network Analysis Functions (Cont)

• Network Analysis Functions Details (Cont)

Group of Functions Functions Privacy Levels

System Report and Display

Network traffic map Full anonymization

Web application report (1) Full anonymization(2) Randomly full anonymization

Page 22: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri22

• Thailand Computer Crimes Act B.E. 2550

Computer Law

Section Privacy Levels

18(2) (1) n-Right Anonymization (Related with network part)(2) Full Anonymization (Related with person, network and host parts)

18(3) Follow by Privacy Tree Structure

18(4) Follow by Privacy Tree Structure and Network Analysis Function

18(5) Full Anonymization

18(6) Full Anonymization

26-1 Non-anonymization

26-2 n-Right Anonymization

Page 23: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri23

• Rule-Based Method Represent the conditions of 3 factors into the rules Consider and combine each rule to select final privacy

levels

Rule-Based Combination

• Example of Rule-Based Method

Page 24: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri24

• Example of the Results of IP Address Anonymization Based on Privacy Levels with 3 Factors

Results and Discussions

• Scenarios: CU Network administrators are a competent official to request packet data from CU-Engineering for analyzing the web site (HTTP) usages

Page 25: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri25

===================================================================A is referenced IP address of organization which analyzes BB is referenced IP address of organization which is analyzed by A===================================================================Enter Network Address A : 161.200.0.0Enter Mask Address A : 255.255.0.0Enter Network Address B : 161.200.93.0Enter Mask Address B : 255.255.254.0Enter Network Function (NF) : 10Enter Network Function (NF) : 0Enter Law Section : 1Enter Law Section : 0Network Bit of A : 10100001110010000000000000000000Mask Bit of A : 11111111111111110000000000000000Network Bit of B : 10100001110010000101110100000000Mask Bit of B : 11111111111111111111111000000000Privacy Tree Structure (PTS) : (4) Proper Subtree (B in A)Privacy Levels of PTS : (3) n-Right AnonymizationPrivacy Levels of NF : (1) Non-anonymizationPrivacy Levels of LAW : (3) n-Right Anonymization===================================================================Privacy Levels of 3 Factors : (3) n-Right Anonymization===================================================================

Results and Discussions (Cont)

Page 26: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri26

• Example of Results Given subnet mask is

255.255.0.0 11111111.11111111.00000000.00000000 Given key is 11101010010011010010110110010010

• Using Non-anonymization161.200.92.35 10100001.11001000.01011100.00100011

161.200.92.62 10100001.11001000.01011100.00111110

161.200.92.76 10100001.11001000.01011100.01001100

161.200.92.88 10100001.11001000.01011100.01011000

161.200.92.193 10100001.11001000.01011100.11000001

161.200.91.174 10100001.11001000.01011011.10101110

161.200.91.2 10100001.11001000.01011011.00000010

Results and Discussions (Cont)

Page 27: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri27

• Using n-Left Anonymization

94.55.92.35 01011110.00110111.01011100.00100011

94.55.92.62 01011110.00110111.01011100.00111110

94.55.92.76 01011110.00110111.01011100.01001100

94.55.92.88 01011110.00110111.01011100.01011000

94.55.92.193 01011110.00110111.01011100.11000001

94.55.91.174 01011110.00110111.01011011.10101110

94.55.91.2 01011110.00110111.01011011.00000010

Results and Discussions (Cont)

Page 28: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri28

• Using n-Right Anonymization

161.200.163.220 10100001.11001000.10100011.11011100

161.200.163.193 10100001.11001000.10100011.11000001

161.200.163.179 10100001.11001000.10100011.10110011

161.200.163.167 10100001.11001000.10100011.10100111

161.200.163.62 10100001.11001000.10100011.00111110

161.200.164.81 10100001.11001000.10100100.01010001

161.200.164.253 10100001.11001000.10100100.11111101

Results and Discussions (Cont)

Page 29: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri29

• Using Full Anonymization

94.55.163.220 01011110.00110111.10100011.11011100

94.55.163.193 01011110.00110111.10100011.11000001

94.55.163.179 01011110.00110111.10100011.10110011

94.55.163.167 01011110.00110111.10100011.10100111

94.55.163.62 01011110.00110111.10100011.00111110

94.55.164.81 01011110.00110111.10100100.01010001

94.55.164.253 01011110.00110111.10100100.11111101

Results and Discussions (Cont)

Page 30: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri30

• Using Randomly Full Anonymization

24.89.192.204 00011000.01011001.11000000.11001100

128.121.188.160 10000000.01111001.10111100.10100000

105.166.62.205 01101001.10100110.00111110.11001101

191.174.6.210 10111111.10101110.00000110.11010010

72.236.28.89 01001000.11101100.00011100.01011001

111.3.171.101101111.00000011.10101011.00000001

138.224.26.220 10001010.11100000.00011010.11011100

Results and Discussions (Cont)

Page 31: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri31

• Advantage of Our Anonymization Scheme• Applicable to an administrator who analyzes packet

data in different functions• Benefits any organizations in exchanging network data• Appropriates for heavy packet tracers and sniffers

Results and Discussions (Cont)

Page 32: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri32

• This research proposes 5 privacy levels Non-anonymization n-Left anonymization n-Right anonymization Full anonymization Randomly full anonymization

• This research applies these privacy levels to prefix-preserving IP address anonymization, specifically to Crypto-PAn

ConclusionConclusion

Page 33: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri33

• Presenting 3 anonymization factors which are used to consider and select appropriate privacy level Privacy tree structure Network analysis functions Computer law

• Combining the anonymization factors by using rule-based method

Conclusion (Cont)Conclusion (Cont)

Page 34: IP address anonymization

Chulalongkorn University

Ph.D. Seminar, August 5, 2011

Wongyos Keardsri34

Questions and AnswersQuestions and Answers

E-mail : [email protected] : http://www.facebook.com/wongyos/

Q? ...... A!