{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,28]],"date-time":"2025-10-28T03:08:38Z","timestamp":1761620918550,"version":"3.41.0"},"reference-count":24,"publisher":"Association for Computing Machinery (ACM)","issue":"1","license":[{"start":{"date-parts":[[2006,1,10]],"date-time":"2006-01-10T00:00:00Z","timestamp":1136851200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["SIGCOMM Comput. Commun. Rev."],"published-print":{"date-parts":[[2006,1,10]]},"abstract":"<jats:p>Releasing network measurement data---including packet traces---to the research community is a virtuous activity that promotes solid research. However, in practice, releasing anonymized packet traces for public use entails many more vexing considerations than just the usual notion of how to scramble IP addresses to preserve privacy. Publishing traces requires carefully balancing the security needs of the organization providing the trace with the research usefulness of the anonymized trace. In this paper we recount our experiences in (i) securing permission from a large site to release packet header traces of the site's internal traffic, (ii) implementing the corresponding anonymization policy, and (iii) validating its correctness. We present a general tool, tcpmkpub, for anonymizing traces, discuss the process used to determine the particular anonymization policy, and describe the use of metadata accompanying the traces to provide insight into features that have been obfuscated by anonymization<\/jats:p>","DOI":"10.1145\/1111322.1111330","type":"journal-article","created":{"date-parts":[[2006,2,6]],"date-time":"2006-02-06T18:14:10Z","timestamp":1139249650000},"page":"29-38","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":143,"title":["The devil and packet trace anonymization"],"prefix":"10.1145","volume":"36","author":[{"given":"Ruoming","family":"Pang","sequence":"first","affiliation":[{"name":"Princeton University"}]},{"given":"Mark","family":"Allman","sequence":"additional","affiliation":[{"name":"International Computer Science Institute"}]},{"given":"Vern","family":"Paxson","sequence":"additional","affiliation":[{"name":"International Computer Science Institute and Lawrence Berkeley National Laboratory (LBNL)"}]},{"given":"Jason","family":"Lee","sequence":"additional","affiliation":[{"name":"Lawrence Berkeley National Laboratory (LBNL)"}]}],"member":"320","published-online":{"date-parts":[[2006,1,10]]},"reference":[{"key":"e_1_2_1_1_1","unstructured":"Enterprise tracing project. http:\/\/www.icir.org\/enterprise-tracing\/.]]  Enterprise tracing project. http:\/\/www.icir.org\/enterprise-tracing\/.]]"},{"key":"e_1_2_1_2_1","unstructured":"The Passive Measurement and Analysis Project. http:\/\/pma.nlanr.net\/.]]  The Passive Measurement and Analysis Project. http:\/\/pma.nlanr.net\/.]]"},{"key":"e_1_2_1_3_1","unstructured":"The Skitter Project. http:\/\/www.caida.org\/tools\/measurement\/skitter\/.]]  The Skitter Project. http:\/\/www.caida.org\/tools\/measurement\/skitter\/.]]"},{"key":"e_1_2_1_4_1","volume-title":"Passive and Active Measurement Workshop","author":"Allman M.","year":"2002","unstructured":"M. Allman , E. Blanton , and W. Eddy . A Scalable System for Sharing Internet Measurements . In Passive and Active Measurement Workshop , Mar. 2002 .]] M. Allman, E. Blanton, and W. Eddy. A Scalable System for Sharing Internet Measurements. In Passive and Active Measurement Workshop, Mar. 2002.]]"},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/637201.637243"},{"key":"e_1_2_1_6_1","volume-title":"May","author":"Blanton E.","year":"2004","unstructured":"E. Blanton . tcpurify , May 2004 . http:\/\/irg.cs.ohiou.edu\/~eblanton\/tcpurify\/.]] E. Blanton. tcpurify, May 2004. http:\/\/irg.cs.ohiou.edu\/~eblanton\/tcpurify\/.]]"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-31966-5_9"},{"key":"e_1_2_1_8_1","volume-title":"Version 6 (IPv6) Specification","author":"Deering S.","year":"1996","unstructured":"S. Deering and R. Hinden . Internet Protocol , Version 6 (IPv6) Specification , Jan. 1996 . RFC 1883.]] S. Deering and R. Hinden. Internet Protocol, Version 6 (IPv6) Specification, Jan. 1996. RFC 1883.]]"},{"key":"e_1_2_1_9_1","first-page":"1323","author":"Jacobson V.","year":"1992","unstructured":"V. Jacobson , R. Braden , and D. Borman . TCP Extensions for High Performance , May 1992 . RFC 1323 .]] V. Jacobson, R. Braden, and D. Borman. TCP Extensions for High Performance, May 1992. RFC 1323.]]","journal-title":"TCP Extensions for High Performance"},{"key":"e_1_2_1_10_1","unstructured":"E. Kohler. ipsumdump. http:\/\/www.cs.ucla.edu\/~kohler\/ipsumdump\/.]]  E. Kohler. ipsumdump. http:\/\/www.cs.ucla.edu\/~kohler\/ipsumdump\/.]]"},{"key":"e_1_2_1_11_1","volume-title":"Mar.","author":"Kohler E.","year":"2005","unstructured":"E. Kohler , M. Handley , and S. Floyd . Datagram Control Protocol (DCCP) , Mar. 2005 . Internet-Draft draft-ietf-dccp-spec-11.txt (work in progress).]] E. Kohler, M. Handley, and S. Floyd. Datagram Control Protocol (DCCP), Mar. 2005. Internet-Draft draft-ietf-dccp-spec-11.txt (work in progress).]]"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.18"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/12130.12167"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1064413.1064418"},{"key":"e_1_2_1_15_1","volume-title":"Aug.","author":"Minshall G.","year":"1997","unstructured":"G. Minshall . tcpdpriv , Aug. 1997 . http:\/\/ita.ee.lbl.gov\/html\/contrib\/tcpdpriv.html.]] G. Minshall. tcpdpriv, Aug. 1997. http:\/\/ita.ee.lbl.gov\/html\/contrib\/tcpdpriv.html.]]"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/863955.863994"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1028788.1028824"},{"key":"e_1_2_1_18_1","volume-title":"Aug.","author":"Postel J.","year":"1980","unstructured":"J. Postel . User Datagram Protocol , Aug. 1980 . RFC 768.]] J. Postel. User Datagram Protocol, Aug. 1980. RFC 768.]]"},{"key":"e_1_2_1_19_1","doi-asserted-by":"crossref","unstructured":"J. Postel. Transmission Control Protocol Sept. 1981. RFC 793.]]  J. Postel. Transmission Control Protocol Sept. 1981. RFC 793.]]","DOI":"10.17487\/rfc0793"},{"key":"e_1_2_1_20_1","first-page":"229","volume-title":"Defeating TCP\/IP Stack Fingerprinting. In 9th USENIX Security Symposium","author":"Smart M.","year":"2000","unstructured":"M. Smart , G. R. Malan , and F. Jahanian . Defeating TCP\/IP Stack Fingerprinting. In 9th USENIX Security Symposium , pages 229 -- 240 , 2000 .]] M. Smart, G. R. Malan, and F. Jahanian. Defeating TCP\/IP Stack Fingerprinting. In 9th USENIX Security Symposium, pages 229--240, 2000.]]"},{"key":"e_1_2_1_21_1","first-page":"2960","author":"Stewart R.","year":"2000","unstructured":"R. Stewart , Q. Xie , K. Morneault , C. Sharp , H. J. Schwarzbauer , T. Taylor , I. Rytina , M. Kalla , L. Zhang , and V. Paxson . Stream Control Transmission Protocol , Oct. 2000 . RFC 2960 .]] R. Stewart, Q. Xie, K. Morneault, C. Sharp, H. J. Schwarzbauer, T. Taylor, I. Rytina, M. Kalla, L. Zhang, and V. Paxson. Stream Control Transmission Protocol, Oct. 2000. RFC 2960.]]","journal-title":"Stream Control Transmission Protocol"},{"key":"e_1_2_1_22_1","volume-title":"Statistical Identification of Encrypted Web Browsing Traffic. In IEEE Symposium on Security and Privacy","author":"Sun Q.","year":"2002","unstructured":"Q. Sun , D. R. Simon , Y. Wang , W. Russell , V. N. Padmanabhan , and L. Qiu . Statistical Identification of Encrypted Web Browsing Traffic. In IEEE Symposium on Security and Privacy , May 2002 .]] Q. Sun, D. R. Simon, Y. Wang, W. Russell, V. N. Padmanabhan, and L. Qiu. Statistical Identification of Encrypted Web Browsing Traffic. In IEEE Symposium on Security and Privacy, May 2002.]]"},{"key":"e_1_2_1_23_1","first-page":"280","volume-title":"Proceedings of the 10th IEEE International Conference on Network Protocols","author":"Xu J.","year":"2002","unstructured":"J. Xu , J. Fan , M. H. Ammar , and S. B. Moon . Prefix-Preserving IP Address Anonymization: Measurement-Based Security Evaluation and a New Cryptography-Based Scheme . In Proceedings of the 10th IEEE International Conference on Network Protocols , pages 280 -- 289 , Washington, DC, USA , 2002 . IEEE Computer Society.]] J. Xu, J. Fan, M. H. Ammar, and S. B. Moon. Prefix-Preserving IP Address Anonymization: Measurement-Based Security Evaluation and a New Cryptography-Based Scheme. In Proceedings of the 10th IEEE International Conference on Network Protocols, pages 280--289, Washington, DC, USA, 2002. IEEE Computer Society.]]"},{"key":"e_1_2_1_24_1","unstructured":"M. Zalewski. p0f: Passive OS Fingerprinting tool. http:\/\/lcamtuf.coredump.cx\/p0f.shtml.]]  M. Zalewski. p0f: Passive OS Fingerprinting tool. http:\/\/lcamtuf.coredump.cx\/p0f.shtml.]]"}],"container-title":["ACM SIGCOMM Computer Communication Review"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1111322.1111330","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1111322.1111330","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T16:08:39Z","timestamp":1750262919000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1111322.1111330"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2006,1,10]]},"references-count":24,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2006,1,10]]}},"alternative-id":["10.1145\/1111322.1111330"],"URL":"https:\/\/doi.org\/10.1145\/1111322.1111330","relation":{},"ISSN":["0146-4833"],"issn-type":[{"type":"print","value":"0146-4833"}],"subject":[],"published":{"date-parts":[[2006,1,10]]},"assertion":[{"value":"2006-01-10","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}