ip flow anonymisa on support
play

IP Flow Anonymisa/on Support dra6boschiipfixanon03 Elisa Boschi, - PowerPoint PPT Presentation

Aug 18, 2022 •174 likes •285 views

IP Flow Anonymisa/on Support dra6boschiipfixanon03 Elisa Boschi, Brian Trammell Hitachi Europe, Zrich [See h&p://people.ee.ethz.ch/~boschie/dra7boschiipfixanon03.txt] Monday 23 March 2009, San Francisco,

  1. IP Flow Anonymisa/on Support dra6‐boschi‐ipfix‐anon‐03 Elisa Boschi, Brian Trammell – Hitachi Europe, Zürich [See h&p://people.ee.ethz.ch/~boschie/dra7‐boschi‐ipfix‐anon‐03.txt] Monday 23 March 2009, San Francisco, California, USA

  2. IETF 74 ‐ IPFIX WG – San Francisco, California 23 rd March 2009 Why?  Standardiza/on of flow export [RFC5101] and storage representa/ons [dra6‐ieX‐ipfix‐file] removes a technical barrier to data sharing for  interdomain measurement efforts, and  trace publica/on for research.  End‐user privacy concerns s/ll a barrier.  Anonymisa/on provides one toolset for addressing these concerns.  Need a way to represent the anonymisa/on status of exported or stored data. 2

  3. IETF 74 ‐ IPFIX WG – San Francisco, California 23 rd March 2009 What?  Node and user iden/fying informa/on:  IP addresses  MAC addresses [TODO]  Addi/onal informa/on that can be used to profile users and/or aeack anonymisa/on techniques:  ports (applica/on profiling)  /mestamps and counters (host profiling, fingerprin/ng)  most other fields (fingerprin/ng) 3

  4. IETF 74 ‐ IPFIX WG – San Francisco, California 23 rd March 2009 How?  Generaliza/on  mapping of mul/ple real values to a single anonymised value.  aggregates; does not preserve countability.  [One‐Way] Subs/tu/on  one‐to‐one mapping of real to anonymised values.  count of unique values preserved across anonymisa/on.  [One‐Way] Set Subs/tu/on  each anonymised value respresents a single real value, but  each real value may be represented by mul/ple anonymised values.  does not aggregate, does not preserve countability. 4

  5. IETF 74 ‐ IPFIX WG – San Francisco, California 23 rd March 2009 For how long?  Anonymisa/on func/ons map a real space of values to an anonymised space.  This mapping func/on may change over /me (e.g. through rekeying or dele/on of permuta/on table), affec/ng long‐term comparability of anonymised datasets.  Stability measures this change. 5

  6. IETF 74 ‐ IPFIX WG – San Francisco, California 23 rd March 2009 Anonymisa/on Record scope iden/fies {Template, IE} index op/onal (mul/‐IE only) Technique used to anonymise Associated with a Template, exported via IPFIX Op/ons. 6

  7. IETF 73 ‐ IPFIX WG ‐ Minneapolis 23 rd March 2009 Supported Techniques (1)  None  Data assumed to be real at EP  Undefined  no assump/on anonymisa/on at EP  Dele/on/“Black Marker”  IPFIX supports this na/vely – simple removal of IE from Template  Precision Degrada/on/Trunca/on (Generaliza/on)  Replacement of host addresses with network addresses  Timestamp and counter degrada/on 7

  8. IETF 74 ‐ IPFIX WG – San Francisco, California 23 rd March 2009 Supported Techniques (2)  Binning (Generaliza/on)  Enumera/on (Set Subs/tu/on)  Assignment of a unique value to each record.  May be applied to preserve ordering, esp. with /mestamps.  Permuta/on (Subs/tu/on)  Assignment of a unique anonymised value to each real value.  Prefixed Permuta/on (Subs/tu/on)  Permuta/on that preserved structure present in source data (e.g. CryptoPAN prefix‐preserving IP address anonymisa/on) 8

  9. IETF 74 ‐ IPFIX WG – San Francisco, California 23 rd March 2009 Supported Stability Classes  Undefined  No assump/on about stability at EP  Session  All anonymisa/on parameters stable for dura/on of Transport Session.  Exporter‐Collector  All anonymisa/on parameters stable for an EP‐CP pair.  Different sessions between same EP and CP are comparable.  Stable  All anonymisa/on parameters stable for an EP.  Different sessions from same EP are comparable. 9

  10. IETF 74 ‐ IPFIX WG – San Francisco, California 23 rd March 2009 Guidelines for IPFIX Anonymisa/on  Certain IPFIX data structures can leak informa/on about original data:  IPFIX Message Header Export Time  IPFIX Message Header Observa/on Domain, if linked to EP/MP address  expor/ngProcessIPv[46]Address  collec/onTime and File Time Window Op/ons  Care should be taken with these to prevent deanonymisa/on. 10

  11. IETF 74 ‐ IPFIX WG – San Francisco, California 23 rd March 2009 Next Steps  Con/nued work on Open Issues:  MAC address anonymisa/on  Finaliza/on of classifica/on, stability classes, and techniques  Editorial comple/on  IANA Considera/ons, Security Considera/ons, Examples  nonsensical IE/Technique combina/ons  other relevant guidelines  Considera/on as new Working Group item within the context of the Mediator effort, when appropriate. 11

Recommend

Exceptional Control Flow: Hardware support for reacting to the rest of the world. Control Flow

Exceptional Control Flow: Hardware support for reacting to the rest of the world. Control Flow

Exceptional Control Flow: Hardware support for reacting to the rest of the world. Control Flow Processor: read instruction, execute it, go to next instruction, repeat Physical control flow Explicit changes: Jumps (conditional, unconditional)

428 views • 8 slides
Flow Networks Flow Network: - digraph - weights, called capacities on edges - two

Flow Networks Flow Network: - digraph - weights, called capacities on edges - two

M AXIMUM F LOW How to do it... Why you want it... Where you find it... The Tao of Flow: Let your body go with the flow. -Madonna, Vogue Maximum flow...because youre worth it. -Loreal Go with the flow, Joe.

619 views • 20 slides
Support Vector Machines for Classification of Flow Data Classification of Flow Data Funded by

Support Vector Machines for Classification of Flow Data Classification of Flow Data Funded by

Support Vector Machines for Classification of Flow Data Classification of Flow Data Funded by SBIR Grant # R43 RR024094-01A1 FlowCap 2010 p John Quinn Ph.D. Treestar john@treestar.com Our Objective Our Objective Demonstrate that

312 views • 18 slides
Potential Flow & Flow Nets Potential Flow Irrotational flow for which implies:

Potential Flow & Flow Nets Potential Flow Irrotational flow for which implies:

Potential Flow & Flow Nets Potential Flow Irrotational flow for which implies: This allows you to decompose velocity into a scalar potential such that: Combined with conservation of mass (continuity) and incompressibility you

110 views • 7 slides
Flow Visualization Overview: Flow Visualization (1) Introduction, overview Flow data Simulation

Flow Visualization Overview: Flow Visualization (1) Introduction, overview Flow data Simulation

Flow Visualization Overview: Flow Visualization (1) Introduction, overview Flow data Simulation vs. measurement vs. modelling 2D vs. surfaces vs. 3D Steady vs time-dependent flow Direct vs. indirect flow visualization Experimental flow

1.18k views • 92 slides
Flow Visualization Overview: Flow Visualization (1) Introduction, overview Fl Flow data d t

Flow Visualization Overview: Flow Visualization (1) Introduction, overview Fl Flow data d t

Flow Visualization Overview: Flow Visualization (1) Introduction, overview Fl Flow data d t Simulation vs. measurement vs. modelling 2D vs. surfaces vs. 3D Steady vs time-dependent flow St d ti d d t fl Direct vs. indirect flow

957 views • 92 slides
Free Flow of Non-Personal Data A proposal for a key Regulation to support the data econom y

Free Flow of Non-Personal Data A proposal for a key Regulation to support the data econom y

Free Flow of Non-Personal Data A proposal for a key Regulation to support the data econom y Pearse ODonohue Director Future Netw orks, DG CONNECT EP I MCO 2 3 January 2 0 1 8 CONTEXT Free m ovem ent of data is essential for the

504 views • 6 slides
1 What Is Control-Flow Analysis? Loop Concepts Control-flow analysis discovers the flow of

1 What Is Control-Flow Analysis? Loop Concepts Control-flow analysis discovers the flow of

Control-Flow Analysis and Loop Detection Context Last time Data-flow Speeding up data-flow analysis Flow of data values from defs to uses Could alternatively be represented as a data dependence Today Control-flow analysis

516 views • 5 slides
Max flow and min cost max flow Han Hoogeveen May 23, 2014 Basic problem description Given:

Max flow and min cost max flow Han Hoogeveen May 23, 2014 Basic problem description Given:

Max flow and min cost max flow Han Hoogeveen May 23, 2014 Basic problem description Given: directed graph G = ( V, A ) with special vertices s and t . The goal is to find a flow x from s (source) to t (sink) of maximum size. The flow x

247 views • 11 slides
CS 401 Max Flow / Bipartite Matching Xiaorui Sun 1 Flow network Flow network. G = (V, E) =

CS 401 Max Flow / Bipartite Matching Xiaorui Sun 1 Flow network Flow network. G = (V, E) =

CS 401 Max Flow / Bipartite Matching Xiaorui Sun 1 Flow network Flow network. G = (V, E) = directed graph, no parallel edges. Two distinguished nodes: s = source, t = sink. c(e) = capacity of edge e. 9 2 5 10 15 15 10 4 source 5

1.01k views • 21 slides
Logics for Classical and Quantum Information Flow Sonja Smets (ILLC, University of Amsterdam)

Logics for Classical and Quantum Information Flow Sonja Smets (ILLC, University of Amsterdam)

Logics for Classical and Quantum Information Flow Sonja Smets (ILLC, University of Amsterdam) Financial Support Acknowledgement: 1 Overview General Research Aim: Model and reason about various forms of information flow in interacting

877 views • 42 slides
Review. Ford-Fulkerson algorithm for max-flow: repeatedly augment flow along paths in the

Review. Ford-Fulkerson algorithm for max-flow: repeatedly augment flow along paths in the

Review. Ford-Fulkerson algorithm for max-flow: repeatedly augment flow along paths in the residual graph If capacities are integers, F-F finds an integer valued flow Running time: O((m+n)OPT), where OPT is the value of the max flow

836 views • 30 slides
Flow Analysis Data-flow analysis, Control-flow analysis, Abstract interpretation, AAM Helpful

Flow Analysis Data-flow analysis, Control-flow analysis, Abstract interpretation, AAM Helpful

Flow Analysis Data-flow analysis, Control-flow analysis, Abstract interpretation, AAM Helpful Reading: Sections 1.1-1.5, 2.1 Data-flow analysis (DFA) A framework for statically proving facts about program data. Focuses on simple, finite

1.04k views • 54 slides
Network Flow CS31005: Algorithms-II Autumn 2020 IIT Kharagpur Network Flow Models the flow

Network Flow CS31005: Algorithms-II Autumn 2020 IIT Kharagpur Network Flow Models the flow

Network Flow CS31005: Algorithms-II Autumn 2020 IIT Kharagpur Network Flow Models the flow of items through a network Example Transporting goods through the road/rail/air network Flow of fluids (oil, water,..) through pumping

949 views • 84 slides
Cytometry Flow Cytometry Flow Cytometry is the technological process that allows for the

Cytometry Flow Cytometry Flow Cytometry is the technological process that allows for the

Basic Principles in Flow Cytometry Flow Cytometry Flow Cytometry is the technological process that allows for the individual measurements of cell fluorescence and light scattering. This process is performed at rates of thousands of cells

214 views • 20 slides
Engineering Economics 4-1 Cash Flow Cash flow is the sum of money recorded as receipts or

Engineering Economics 4-1 Cash Flow Cash flow is the sum of money recorded as receipts or

Engineering Economics 4-1 Cash Flow Cash flow is the sum of money recorded as receipts or disbursements in a projects financial records. A cash flow diagram presents the flow of cash as arrows on a time line scaled to the magnitude of the

383 views • 34 slides
Review Network flow definitions CSE 421 Flow examples Augmenting Paths Algorithms

Review Network flow definitions CSE 421 Flow examples Augmenting Paths Algorithms

Review Network flow definitions CSE 421 Flow examples Augmenting Paths Algorithms g Residual Graph Richard Anderson Ford Fulkerson Algorithm Lecture 22 Cuts Network Flow Maxflow-MinCut Theorem Network Flow

860 views • 4 slides
Flow networks, flow, maximum flow Can interpret directed graph as flow network. Material

Flow networks, flow, maximum flow Can interpret directed graph as flow network. Material

Flow networks, flow, maximum flow Can interpret directed graph as flow network. Material courses through some system from some source to some sink. Source produces material at some steady rate, sink consumes at same rate. Examples:

570 views • 37 slides
TCP TCP provides the end-to-end reliable CSCE 515: connection that IP alone cannot support

TCP TCP provides the end-to-end reliable CSCE 515: connection that IP alone cannot support

TCP TCP provides the end-to-end reliable CSCE 515: connection that IP alone cannot support Computer Network Programming The TCP protocol ------ TCP Details Segment format Connection Creation Wenyuan Xu Flow control

798 views • 5 slides
Traffic Flow Characteristics and Theory Primary Elements of Traffic Flow a. Flow Rate = q

Traffic Flow Characteristics and Theory Primary Elements of Traffic Flow a. Flow Rate = q

Traffic Flow Characteristics and Theory Primary Elements of Traffic Flow a. Flow Rate = q (vehicle per hour, vph) b. Density = k (vehicle per mile, vpm) c. Speed = u (mile per hour, mph) 2 Dr. Randa Oqab Mujalli Flow Flow (q) : is the

943 views • 20 slides
Flow networks 2 5 1 How much flow can we push 4 7 through from s to t ? 3 2 (Numbers are

Flow networks 2 5 1 How much flow can we push 4 7 through from s to t ? 3 2 (Numbers are

Flow networks 2 5 1 How much flow can we push 4 7 through from s to t ? 3 2 (Numbers are capacities.) 5 2 Flow networks 5 1 s 4 7 t 3 2 5 Def: A flow network is a directed graph G=(V,E) where edges have capacities c:E->R +

335 views • 29 slides
Network Flow 5 Network Flow terminology Network flow is similar to finding how much water we

Network Flow 5 Network Flow terminology Network flow is similar to finding how much water we

1 Network Flow 5 Network Flow terminology Network flow is similar to finding how much water we can bring from a source to a sink (infinite) (intermediates cannot hold water) 6 Network Flow terminology Definitions: c(u,v)

576 views • 34 slides
CS 401 Max Flow Xiaorui Sun 1 Stuff Homework 3 due today Homework 4 will be out soon Flow

CS 401 Max Flow Xiaorui Sun 1 Stuff Homework 3 due today Homework 4 will be out soon Flow

CS 401 Max Flow Xiaorui Sun 1 Stuff Homework 3 due today Homework 4 will be out soon Flow network Flow network. G = (V, E) = directed graph, no parallel edges. Two distinguished nodes: s = source, t = sink. c(e) = capacity of edge e. 9

683 views • 37 slides
Flow and Congestion Control CS 218 F2003 Oct 29, 03 Flow control goals Classification

Flow and Congestion Control CS 218 F2003 Oct 29, 03 Flow control goals Classification

Flow and Congestion Control CS 218 F2003 Oct 29, 03 Flow control goals Classification and overview of main techniques TCP Tahoe, Reno, Vegas TCP Westwood Readings: (1) Keshavs book Chapter on Flow Control; (2)

374 views • 22 slides

More recommend