{"title":"Sharing network logs for computer forensics: a new tool for the anonymization of netflow records","authors":"A. Slagell, Y. Li, K. Luo","doi":"10.1109/SECCMW.2005.1588293","DOIUrl":null,"url":null,"abstract":"The authors have begun to address the problem of anonymized data with the development of a new prototype tool CANINE: Converter and ANonymizer for Investigating Netflow Events. Originally, just a NetFlow converter, CANINE has been adapted to anonymize 8 of the most common fields found in all NetFlow formats. Most of these fields can be anonymized in multiple ways providing trade-offs between security and utility. This is the first tool the authors are aware of that supports many levels of anonymization and is the only NetFlow anonymizer of which we are aware ¿ besides a previous, less advanced tool they developed. This article is organized as follows. part 2 discusses related work in log anonymization. Part 3 discusses CANINE¿s anonymization algorithms and design decisions in depth. Finally, part 4 concludes and presents future work on CANINE and the anonymization of other log types.","PeriodicalId":382662,"journal":{"name":"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.","volume":"178 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"29","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SECCMW.2005.1588293","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 29
Abstract
The authors have begun to address the problem of anonymized data with the development of a new prototype tool CANINE: Converter and ANonymizer for Investigating Netflow Events. Originally, just a NetFlow converter, CANINE has been adapted to anonymize 8 of the most common fields found in all NetFlow formats. Most of these fields can be anonymized in multiple ways providing trade-offs between security and utility. This is the first tool the authors are aware of that supports many levels of anonymization and is the only NetFlow anonymizer of which we are aware ¿ besides a previous, less advanced tool they developed. This article is organized as follows. part 2 discusses related work in log anonymization. Part 3 discusses CANINE¿s anonymization algorithms and design decisions in depth. Finally, part 4 concludes and presents future work on CANINE and the anonymization of other log types.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
