{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:23:55Z","timestamp":1750220635760,"version":"3.41.0"},"reference-count":92,"publisher":"Association for Computing Machinery (ACM)","issue":"3","license":[{"start":{"date-parts":[[2021,2,9]],"date-time":"2021-02-09T00:00:00Z","timestamp":1612828800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"the Natural Sciences and Engineering Research Council of Canada and Ericsson Canada under CRD Grant","award":["N01823"],"award-info":[{"award-number":["N01823"]}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1745894"],"award-info":[{"award-number":["CNS-1745894"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100017029","name":"WISER","doi-asserted-by":"crossref","award":["ISFG"],"award-info":[{"award-number":["ISFG"]}],"id":[{"id":"10.13039\/100017029","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Priv. Secur."],"published-print":{"date-parts":[[2021,8,31]]},"abstract":"<jats:p>As network security monitoring grows more sophisticated, there is an increasing need for outsourcing such tasks to third-party analysts. However, organizations are usually reluctant to share their network traces due to privacy concerns over sensitive information, e.g., network and system configuration, which may potentially be exploited for attacks. In cases where data owners are convinced to share their network traces, the data are typically subjected to certain anonymization techniques, e.g., CryptoPAn, which replaces real IP addresses with prefix-preserving pseudonyms. However, most such techniques either are vulnerable to adversaries with prior knowledge about some network flows in the traces or require heavy data sanitization or perturbation, which may result in a significant loss of data utility. In this article, we aim to preserve both privacy and utility through shifting the trade-off from between privacy and utility to between privacy and computational cost. The key idea is for the analysts to generate and analyze multiple anonymized views of the original network traces: Those views are designed to be sufficiently indistinguishable even to adversaries armed with prior knowledge, which preserves the privacy, whereas one of the views will yield true analysis results privately retrieved by the data owner, which preserves the utility. We formally analyze the privacy of our solution and experimentally evaluate it using real network traces provided by a major ISP. The experimental results show that our approach can significantly reduce the level of information leakage (e.g., less than 1% of the information leaked by CryptoPAn) with comparable utility.<\/jats:p>","DOI":"10.1145\/3439732","type":"journal-article","created":{"date-parts":[[2021,2,10]],"date-time":"2021-02-10T14:58:29Z","timestamp":1612969109000},"page":"1-36","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":5,"title":["A Multi-view Approach to Preserve Privacy and Utility in Network Trace Anonymization"],"prefix":"10.1145","volume":"24","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0619-6361","authenticated-orcid":false,"given":"Meisam","family":"Mohammady","sequence":"first","affiliation":[{"name":"Concordia University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Momen","family":"Oqaily","sequence":"additional","affiliation":[{"name":"Concordia University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lingyu","family":"Wang","sequence":"additional","affiliation":[{"name":"Concordia University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yuan","family":"Hong","sequence":"additional","affiliation":[{"name":"Illinois Institute of Technology"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Habib","family":"Louafi","sequence":"additional","affiliation":[{"name":"University of Regina"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Makan","family":"Pourzandi","sequence":"additional","affiliation":[{"name":"Ericsson Research Security"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mourad","family":"Debbabi","sequence":"additional","affiliation":[{"name":"Concordia University"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2021,2,9]]},"reference":[{"volume-title":"Proceedings of the 3rd International Conference on Security and Privacy in Communications Networks and the Workshops (SecureComm\u201907)","author":"Foukarakis Michalis","key":"e_1_2_1_1_1","unstructured":"Michalis Foukarakis , Demetres Antoniades , Spiros Antonatos , and Evangelos P. Markatos . 2007. Flexible and high-performance anonymization of NetFlow records using anontool . In Proceedings of the 3rd International Conference on Security and Privacy in Communications Networks and the Workshops (SecureComm\u201907) . IEEE, 33--38. Michalis Foukarakis, Demetres Antoniades, Spiros Antonatos, and Evangelos P. Markatos. 2007. Flexible and high-performance anonymization of NetFlow records using anontool. In Proceedings of the 3rd International Conference on Security and Privacy in Communications Networks and the Workshops (SecureComm\u201907). IEEE, 33--38."},{"volume-title":"Proceedings of the 15th USENIX Conference on System Administration (LISA\u201901)","author":"Moore David","key":"e_1_2_1_2_1","unstructured":"David Moore , Ken Keys , Ryan Koga , Edouard Lagache , and K. C. Claffy . 2001. The CoralReef software suite as a tool for system and network administrators . In Proceedings of the 15th USENIX Conference on System Administration (LISA\u201901) . USENIX Association, Berkeley, CA, 133--144. David Moore, Ken Keys, Ryan Koga, Edouard Lagache, and K. C. Claffy. 2001. The CoralReef software suite as a tool for system and network administrators. In Proceedings of the 15th USENIX Conference on System Administration (LISA\u201901). USENIX Association, Berkeley, CA, 133--144."},{"key":"e_1_2_1_3_1","volume-title":"Proceedings of Tenth International Conference on Telecommunication Systems.","author":"Li Yifan","year":"2005","unstructured":"Yifan Li , Adam Slagell , Katherine Luo , and William Yurcik . 2005 . CANINE: A combined conversion and anonymization tool for processing net flows for security . In Proceedings of Tenth International Conference on Telecommunication Systems. Yifan Li, Adam Slagell, Katherine Luo, and William Yurcik. 2005. CANINE: A combined conversion and anonymization tool for processing net flows for security. In Proceedings of Tenth International Conference on Telecommunication Systems."},{"key":"e_1_2_1_4_1","unstructured":"Jani Hautakorpi and Gonzalo Camarillo Gonzalez. IP Address Distribution in Middleboxes. U.S. Patent Application No. 12\/518 452.  Jani Hautakorpi and Gonzalo Camarillo Gonzalez. IP Address Distribution in Middleboxes. U.S. Patent Application No. 12\/518 452."},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243809"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/11600930_96"},{"volume-title":"Proceedings of the IEEE International Conference on Computer Communications (INFOCOM\u201912)","author":"Riboni Daniele","key":"e_1_2_1_7_1","unstructured":"Daniele Riboni , Antonio Villani , Domenico Vitali , Claudio Bettini , and Luigi V. Mancini . 2012. Obfuscation of sensitive data in network flows . In Proceedings of the IEEE International Conference on Computer Communications (INFOCOM\u201912) . IEEE, 2372--2380. Daniele Riboni, Antonio Villani, Domenico Vitali, Claudio Bettini, and Luigi V. Mancini. 2012. Obfuscation of sensitive data in network flows. In Proceedings of the IEEE International Conference on Computer Communications (INFOCOM\u201912). IEEE, 2372--2380."},{"volume-title":"Proceedings of the 10th IEEE International Conference on Network Protocols. IEEE, 280--289","author":"Xu Jun","key":"e_1_2_1_8_1","unstructured":"Jun Xu , Jinliang Fan , Mostafa H. Ammar , and Sue B. Moon . 2002. Prefix-preserving ip address anonymization: Measurement-based security evaluation and a new cryptography-based scheme . In Proceedings of the 10th IEEE International Conference on Network Protocols. IEEE, 280--289 . Jun Xu, Jinliang Fan, Mostafa H. Ammar, and Sue B. Moon. 2002. Prefix-preserving ip address anonymization: Measurement-based security evaluation and a new cryptography-based scheme. In Proceedings of the 10th IEEE International Conference on Network Protocols. IEEE, 280--289."},{"key":"e_1_2_1_9_1","volume-title":"Proceedings of the International Workshop on Privacy Enhancing Technologies. Springer","author":"Brekne T.","year":"2005","unstructured":"T. Brekne , A. \u00c5rnes , and A. \u00d8sleb\u00f8 . 2005 . Anonymization of ip traffic monitoring data: Attacks on two prefix-preserving anonymization schemes and some proposed remedies . In Proceedings of the International Workshop on Privacy Enhancing Technologies. Springer , Berlin, 179--196. T. Brekne, A. \u00c5rnes, and A. \u00d8sleb\u00f8. 2005. Anonymization of ip traffic monitoring data: Attacks on two prefix-preserving anonymization schemes and some proposed remedies. In Proceedings of the International Workshop on Privacy Enhancing Technologies. Springer, Berlin, 179--196."},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/SECCMW.2005.1588293"},{"key":"e_1_2_1_11_1","doi-asserted-by":"crossref","unstructured":"Morris Dworkin. Recommendation for block cipher modes of operation: Methods for format-preserving encryption. NIST Special Publication 800 (2016): 38G.  Morris Dworkin. Recommendation for block cipher modes of operation: Methods for format-preserving encryption. NIST Special Publication 800 (2016): 38G.","DOI":"10.6028\/NIST.SP.800-38G"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/TKDE.2017.2697856"},{"key":"e_1_2_1_13_1","unstructured":"T\u00f8nnes Brekne and Andr\u00e9 \u00c5rnes. 2005. Circumventing IP-address pseudonymization. In Communications and Computer Networks. 43--48.  T\u00f8nnes Brekne and Andr\u00e9 \u00c5rnes. 2005. Circumventing IP-address pseudonymization. In Communications and Computer Networks. 43--48."},{"volume-title":"Proceedings of the International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. Springer","author":"Yen Ting-Fang","key":"e_1_2_1_14_1","unstructured":"Ting-Fang Yen , Xin Huang , Fabian Monrose , and Michael K. Reiter . 2009. Browser fingerprinting from coarse traffic summaries: Techniques and implications . In Proceedings of the International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. Springer , Berlin, 157--175. Ting-Fang Yen, Xin Huang, Fabian Monrose, and Michael K. Reiter. 2009. Browser fingerprinting from coarse traffic summaries: Techniques and implications. In Proceedings of the International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. Springer, Berlin, 157--175."},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/1456441.1456452"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1111322.1111330"},{"volume-title":"Proceedings of the Conference on USENIX Security.","author":"Coull Scott E.","key":"e_1_2_1_17_1","unstructured":"Scott E. Coull , Michael P. Collins , Charles V. Wright , Fabian Monrose , and Michael K. Reiter . 2007. On web browsing privacy in anonymized NetFlows . In Proceedings of the Conference on USENIX Security. Scott E. Coull, Michael P. Collins, Charles V. Wright, Fabian Monrose, and Michael K. Reiter. 2007. On web browsing privacy in anonymized NetFlows. In Proceedings of the Conference on USENIX Security."},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.5555\/1325851.1325868"},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2006.255113"},{"key":"e_1_2_1_20_1","unstructured":"Ed Ferrara Christopher McClean and Michael Caputo. 2014. The Forrester Wave: Managed security services: North America q4. Forrester Research.  Ed Ferrara Christopher McClean and Michael Caputo. 2014. The Forrester Wave: Managed security services: North America q4. Forrester Research."},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/1835804.1835866"},{"key":"e_1_2_1_22_1","unstructured":"Greg Minshall. Tcpdpriv. Retrieved from http:\/\/ita. ee. lbl. gov\/html\/contrib\/tcpdpriv. html.  Greg Minshall. Tcpdpriv. Retrieved from http:\/\/ita. ee. lbl. gov\/html\/contrib\/tcpdpriv. html."},{"key":"e_1_2_1_23_1","unstructured":"Universita degli Studi di Brescia. 2009. tcpanon. Retrieved from http:\/\/netweb.ing.unibs.it\/ tools\/tcpanon\/index.php.  Universita degli Studi di Brescia. 2009. tcpanon. Retrieved from http:\/\/netweb.ing.unibs.it\/ tools\/tcpanon\/index.php."},{"key":"e_1_2_1_24_1","volume-title":"Proceedings of the 3rd International Conference on Security and Privacy in Communications Networks and the Workshops (SecureComm\u201907)","author":"Woolam Clay","year":"2007","unstructured":"Yurcik, William, Clay Woolam , Greg Hellings , Latifur Khan , and Bhavani Thuraisingham . 2007 . Scrub-tcpdump: A multi-level packet anonymizer demonstrating privacy\/analysis tradeoffs . In Proceedings of the 3rd International Conference on Security and Privacy in Communications Networks and the Workshops (SecureComm\u201907) . IEEE, 49--56. Yurcik, William, Clay Woolam, Greg Hellings, Latifur Khan, and Bhavani Thuraisingham. 2007. Scrub-tcpdump: A multi-level packet anonymizer demonstrating privacy\/analysis tradeoffs. In Proceedings of the 3rd International Conference on Security and Privacy in Communications Networks and the Workshops (SecureComm\u201907). IEEE, 49--56."},{"key":"e_1_2_1_25_1","volume-title":"Proceedings of the 50th RIPE Meeting.","author":"Haag Peter","year":"2005","unstructured":"Peter Haag . 2005 . Watch your Flows with NfSen and NFDUMP . In Proceedings of the 50th RIPE Meeting. Peter Haag. 2005. Watch your Flows with NfSen and NFDUMP. In Proceedings of the 50th RIPE Meeting."},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1456441.1456445"},{"key":"e_1_2_1_27_1","volume-title":"Article 52 (May","author":"Dijkhuizen Niels Van","year":"2018","unstructured":"Niels Van Dijkhuizen and Jeroen Van Der Ham . 2018. A survey of network traffic anonymisation techniques and implementations. ACM Comput. Surv. 51, 3 , Article 52 (May 2018 ), 27 pages. DOI:https:\/\/doi.org\/10.1145\/3182660. 10.1145\/3182660 Niels Van Dijkhuizen and Jeroen Van Der Ham. 2018. A survey of network traffic anonymisation techniques and implementations. ACM Comput. Surv. 51, 3, Article 52 (May 2018), 27 pages. DOI:https:\/\/doi.org\/10.1145\/3182660."},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/1111322.1111329"},{"key":"e_1_2_1_29_1","volume-title":"Proceedings of the Large Installation System Administration Conference (LISA\u201906)","author":"Slagell Adam J.","year":"2006","unstructured":"Adam J. Slagell , Kiran Lakkaraju , and Katherine Luo . 2006 . FLAIM: A multi-level anonymization framework for computer and network logs . In Proceedings of the Large Installation System Administration Conference (LISA\u201906) . 3--8. Adam J. Slagell, Kiran Lakkaraju, and Katherine Luo. 2006. FLAIM: A multi-level anonymization framework for computer and network logs. In Proceedings of the Large Installation System Administration Conference (LISA\u201906). 3--8."},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1519144.1519147"},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/1672308.1672310"},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1162678.1162686"},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813629"},{"key":"e_1_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1002\/cpe.2992"},{"key":"e_1_2_1_35_1","volume-title":"Proceedings of the ACM Workshop on Hot Topics in Networks (HotNets\u201909)","author":"Mittal Prateek","year":"2009","unstructured":"Prateek Mittal , Vern Paxson , Robin Sommer , and Mark Winterrowd . 2009 . Securing mediated trace access using black-box permutation analysis . In Proceedings of the ACM Workshop on Hot Topics in Networks (HotNets\u201909) . Prateek Mittal, Vern Paxson, Robin Sommer, and Mark Winterrowd. 2009. Securing mediated trace access using black-box permutation analysis. In Proceedings of the ACM Workshop on Hot Topics in Networks (HotNets\u201909)."},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/1851275.1851199"},{"key":"e_1_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/SAI.2015.7237310"},{"key":"e_1_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/CYBConf.2013.6617434"},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23033"},{"key":"e_1_2_1_40_1","volume-title":"Proceedings of the Large Installation System Administration Conference (LISA\u201906)","author":"Slagell Adam J.","year":"2006","unstructured":"Adam J. Slagell , Kiran Lakkaraju , and Katherine Luo . 2006 . FLAIM: A multi-level anonymization framework for computer and network logs . In Proceedings of the Large Installation System Administration Conference (LISA\u201906) . 3--8. Adam J. Slagell, Kiran Lakkaraju, and Katherine Luo. 2006. FLAIM: A multi-level anonymization framework for computer and network logs. In Proceedings of the Large Installation System Administration Conference (LISA\u201906). 3--8."},{"volume-title":"Proceedings of the 10th IEEE International Conference on Network Protocols. IEEE, 280--289","author":"Xu Jun","key":"e_1_2_1_41_1","unstructured":"Jun Xu , Jinliang Fan , Mostafa H. Ammar , and Sue B. Moon . 2002. Prefix-preserving ip address anonymization: Measurement-based security evaluation and a new cryptography-based scheme . In Proceedings of the 10th IEEE International Conference on Network Protocols. IEEE, 280--289 . Jun Xu, Jinliang Fan, Mostafa H. Ammar, and Sue B. Moon. 2002. Prefix-preserving ip address anonymization: Measurement-based security evaluation and a new cryptography-based scheme. In Proceedings of the 10th IEEE International Conference on Network Protocols. IEEE, 280--289."},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660365"},{"key":"e_1_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/NOMS.2008.4575265"},{"volume-title":"Proceedings of the 1st ACM Workshop on Network Data Anonymization. ACM, 41--48","author":"Gattani Shantanu","key":"e_1_2_1_44_1","unstructured":"Shantanu Gattani and Thomas E. Daniels . 2008. Reference models for network data anonymization . In Proceedings of the 1st ACM Workshop on Network Data Anonymization. ACM, 41--48 . Shantanu Gattani and Thomas E. Daniels. 2008. Reference models for network data anonymization. In Proceedings of the 1st ACM Workshop on Network Data Anonymization. ACM, 41--48."},{"key":"e_1_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDE.2015.7113353"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/2414456.2414474"},{"key":"e_1_2_1_47_1","unstructured":"Ninghui Li Wahbeh Qardaji and Dong Su. 2011. Provably private data anonymization: Or k-anonymity meets differential privacy. CoRR. abs\/1101.2604.  Ninghui Li Wahbeh Qardaji and Dong Su. 2011. Provably private data anonymization: Or k-anonymity meets differential privacy. CoRR. abs\/1101.2604."},{"key":"e_1_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/863955.863994"},{"key":"e_1_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-32009-5_28"},{"key":"e_1_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1515\/popets-2018-0004"},{"key":"e_1_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/2736277.2741122"},{"key":"e_1_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/SECCOMW.2006.359577"},{"volume-title":"Proceedings of the Conference on Electronic Imaging. International Society for Optics and Photonics, 156--170","author":"Saroiu Stefan","key":"e_1_2_1_53_1","unstructured":"Stefan Saroiu , P. Krishna Gummadi , and Steven D. Gribble . 2001. Measurement study of peer-to-peer file sharing systems . In Proceedings of the Conference on Electronic Imaging. International Society for Optics and Photonics, 156--170 . Stefan Saroiu, P. Krishna Gummadi, and Steven D. Gribble. 2001. Measurement study of peer-to-peer file sharing systems. In Proceedings of the Conference on Electronic Imaging. International Society for Optics and Photonics, 156--170."},{"key":"e_1_2_1_54_1","volume-title":"Proceedings of the 36th Annual Symposium on Foundations of Computer Science. IEEE","author":"\u00a0al Benny Chor","year":"1995","unstructured":"Benny Chor et \u00a0al . 1995 . Private information retrieval . In Proceedings of the 36th Annual Symposium on Foundations of Computer Science. IEEE , 1995. Benny Chor et\u00a0al. 1995. Private information retrieval. In Proceedings of the 36th Annual Symposium on Foundations of Computer Science. IEEE, 1995."},{"key":"e_1_2_1_55_1","unstructured":"Piotr Biler and Alfred Witkowski. 1990. Problems in mathematical analysis. https:\/\/search.ebscohost.com\/login.aspx?direct=truescope=sitedb=nlebkdb=nlabkAN=1619203.  Piotr Biler and Alfred Witkowski. 1990. Problems in mathematical analysis. https:\/\/search.ebscohost.com\/login.aspx?direct=truescope=sitedb=nlebkdb=nlabkAN=1619203."},{"key":"e_1_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1007\/11919568_79"},{"volume-title":"Proceedings of the Network and Distributed System Security Symposium (NDSS\u201908)","author":"Ribeiro Bruno F.","key":"e_1_2_1_57_1","unstructured":"Bruno F. Ribeiro , Weifeng Chen , Gerome Miklau , and Donald F. Towsley . 2008. Analyzing privacy in enterprise packet trace anonymization . In Proceedings of the Network and Distributed System Security Symposium (NDSS\u201908) . Bruno F. Ribeiro, Weifeng Chen, Gerome Miklau, and Donald F. Towsley. 2008. Analyzing privacy in enterprise packet trace anonymization. In Proceedings of the Network and Distributed System Security Symposium (NDSS\u201908)."},{"key":"e_1_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978386"},{"key":"e_1_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978379"},{"key":"e_1_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.14778\/3236187.3236217"},{"key":"e_1_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00030"},{"volume-title":"Proceedings of the Network and Distributed System Security Symposium (NDSS\u201907)","author":"Coull Scott E.","key":"e_1_2_1_62_1","unstructured":"Scott E. Coull , Charles V. Wright , Fabian Monrose , Michael P. Collins , and Michael K. Reiter . 2007. Playing Devil\u2019s advocate: Inferring sensitive information from anonymized network traces . In Proceedings of the Network and Distributed System Security Symposium (NDSS\u201907) . 35--47. Scott E. Coull, Charles V. Wright, Fabian Monrose, Michael P. Collins, and Michael K. Reiter. 2007. Playing Devil\u2019s advocate: Inferring sensitive information from anonymized network traces. In Proceedings of the Network and Distributed System Security Symposium (NDSS\u201907). 35--47."},{"key":"e_1_2_1_63_1","volume-title":"Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC\u201905)","author":"Yurcik William","year":"2005","unstructured":"William Yurcik , and Yifan Li . 2005 . Internet security visualization case study: Instrumenting a network for NetFlow security visualization tools . In Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC\u201905) . William Yurcik, and Yifan Li. 2005. Internet security visualization case study: Instrumenting a network for NetFlow security visualization tools. In Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC\u201905)."},{"volume-title":"Proceedings of the Conference For Homeland Security (CATCH\u201909)","author":"Coull S. E.","key":"e_1_2_1_64_1","unstructured":"S. E. Coull , Monrose, F., Reiter, M. K., and Bailey, M . 2009. The challenges of effectively anonymizing network data . In Proceedings of the Conference For Homeland Security (CATCH\u201909) . IEEE, 230--236. S. E. Coull, Monrose, F., Reiter, M. K., and Bailey, M. 2009. The challenges of effectively anonymizing network data. In Proceedings of the Conference For Homeland Security (CATCH\u201909). IEEE, 230--236."},{"key":"e_1_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2016.2556979"},{"key":"e_1_2_1_66_1","volume-title":"Differential privacy. Encyclopedia of Cryptography and Security","author":"Dwork Cynthia","year":"2011","unstructured":"Cynthia Dwork . 2011. Differential privacy. Encyclopedia of Cryptography and Security ( 2011 ), 338--340. Cynthia Dwork. 2011. Differential privacy. Encyclopedia of Cryptography and Security (2011), 338--340."},{"key":"e_1_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-79228-4_1"},{"key":"e_1_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1109\/SFCS.1997.646125"},{"key":"e_1_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1145\/233551.233553"},{"key":"e_1_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1007\/11681878_14"},{"key":"e_1_2_1_71_1","volume-title":"Proceedings of the 27th Annual Symposium on Foundations of Computer Science. IEEE, 162--167","author":"Chi-Chih Yao Andrew","year":"1986","unstructured":"Andrew Chi-Chih Yao . 1986 . How to generate and exchange secrets . In Proceedings of the 27th Annual Symposium on Foundations of Computer Science. IEEE, 162--167 . Andrew Chi-Chih Yao. 1986. How to generate and exchange secrets. In Proceedings of the 27th Annual Symposium on Foundations of Computer Science. IEEE, 162--167."},{"key":"e_1_2_1_72_1","unstructured":"Oded Goldreich. 1999. Secure multi-party computation. In Available at Theory of Cryptography Library. http:\/\/philby.ucsb.edu\/cryptolib\/BOOKS.  Oded Goldreich. 1999. Secure multi-party computation. In Available at Theory of Cryptography Library. http:\/\/philby.ucsb.edu\/cryptolib\/BOOKS."},{"key":"e_1_2_1_73_1","volume-title":"Cormen et\u00a0al","author":"Thomas","year":"2001","unstructured":"Thomas H. Cormen et\u00a0al . 2001 . Data structures for disjoint sets. Introduction to Algorithms (2nd Edition). The MIT Press . Thomas H. Cormen et\u00a0al. 2001. Data structures for disjoint sets. Introduction to Algorithms (2nd Edition). The MIT Press."},{"key":"e_1_2_1_74_1","doi-asserted-by":"publisher","DOI":"10.1145\/359619.359631"},{"key":"e_1_2_1_75_1","volume-title":"Proceedings of the Workshop on Secure Knowledge Management.","author":"Slagell Adam","year":"2004","unstructured":"Adam Slagell , Jun Wang , and William Yurcik . 2004 . Network log anonymization: Application of Crypto-PAn to Cisco netflows . In Proceedings of the Workshop on Secure Knowledge Management. Adam Slagell, Jun Wang, and William Yurcik. 2004. Network log anonymization: Application of Crypto-PAn to Cisco netflows. In Proceedings of the Workshop on Secure Knowledge Management."},{"key":"e_1_2_1_76_1","volume-title":"TCPdpriv command manual","author":"Minshall","year":"1996","unstructured":"Minshall G. TCPdpriv command manual . 1996 . Retrieved from http:\/\/ita.ee.lbl.gov\/html\/contrib\/tcpdpriv.0.txt. Minshall G. TCPdpriv command manual. 1996. Retrieved from http:\/\/ita.ee.lbl.gov\/html\/contrib\/tcpdpriv.0.txt."},{"key":"e_1_2_1_77_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICNP.2011.6089040"},{"key":"e_1_2_1_78_1","doi-asserted-by":"publisher","DOI":"10.1145\/1142351.1142374"},{"key":"e_1_2_1_79_1","volume-title":"Proceedings of USENIX Security Symposium.","author":"Burkhart Martin","year":"2010","unstructured":"Martin Burkhart , Mario Strasser , Dilip Many , and Xenofontas Dimitropoulos . 2010 . SEPIA: Privacy-preserving aggregation of multi-domain network events and statistics . In Proceedings of USENIX Security Symposium. Martin Burkhart, Mario Strasser, Dilip Many, and Xenofontas Dimitropoulos. 2010. SEPIA: Privacy-preserving aggregation of multi-domain network events and statistics. In Proceedings of USENIX Security Symposium."},{"key":"e_1_2_1_80_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-01001-9_13"},{"key":"e_1_2_1_81_1","volume-title":"Searchable symmetric encryption: Improved definitions and efficient constructions. J. Comput. Secur. 19 5","author":"Curtmola Reza","year":"2011","unstructured":"Reza Curtmola , Juan Garay , Seny Kamara , and Rafail Ostrovsky . 2011. Searchable symmetric encryption: Improved definitions and efficient constructions. J. Comput. Secur. 19 5 ( 2011 ), 895--934. Reza Curtmola, Juan Garay, Seny Kamara, and Rafail Ostrovsky. 2011. Searchable symmetric encryption: Improved definitions and efficient constructions. J. Comput. Secur. 19 5 (2011), 895--934."},{"key":"e_1_2_1_82_1","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy (S8P\u201900)","author":"Song Dawn Xiaoding","year":"2000","unstructured":"Dawn Xiaoding Song , David Wagner , and Adrian Perrig . 2000 . Practical techniques for searches on encrypted data . In Proceedings of the IEEE Symposium on Security and Privacy (S8P\u201900) . IEEE, 44--55. Dawn Xiaoding Song, David Wagner, and Adrian Perrig. 2000. Practical techniques for searches on encrypted data. In Proceedings of the IEEE Symposium on Security and Privacy (S8P\u201900). IEEE, 44--55."},{"key":"e_1_2_1_83_1","doi-asserted-by":"publisher","DOI":"10.1145\/1536414.1536440"},{"key":"e_1_2_1_84_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-19571-6_16"},{"key":"e_1_2_1_85_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-74143-5_30"},{"key":"e_1_2_1_86_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-01001-9_13"},{"key":"e_1_2_1_87_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium (NDSS\u201912)","author":"Islam Mohammad Saiful","year":"2012","unstructured":"Mohammad Saiful Islam , Mehmet Kuzu , and Murat Kantarcioglu . 2012 . Access pattern disclosure on searchable encryption: Ramification, attack and mitigation . In Proceedings of the Network and Distributed System Security Symposium (NDSS\u201912) , 20. Mohammad Saiful Islam, Mehmet Kuzu, and Murat Kantarcioglu. 2012. Access pattern disclosure on searchable encryption: Ramification, attack and mitigation. In Proceedings of the Network and Distributed System Security Symposium (NDSS\u201912), 20."},{"volume-title":"Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, 644--655","author":"Naveed Muhammad","key":"e_1_2_1_88_1","unstructured":"Muhammad Naveed , Seny Kamara , and Charles V. Wright . 2015. Inference attacks on property-preserving encrypted databases . In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, 644--655 . Muhammad Naveed, Seny Kamara, and Charles V. Wright. 2015. Inference attacks on property-preserving encrypted databases. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, 644--655."},{"key":"e_1_2_1_89_1","doi-asserted-by":"publisher","DOI":"10.14778\/2994509.2994528"},{"key":"e_1_2_1_90_1","doi-asserted-by":"crossref","unstructured":"Brian Caswell and Jay Beale. 2004. Snort 2.1 Intrusion Detection. Elsevier.  Brian Caswell and Jay Beale. 2004. Snort 2.1 Intrusion Detection. Elsevier.","DOI":"10.1016\/B978-193183604-3\/50006-0"},{"volume-title":"Proceedings of the 20th ACM SIGSAC Conference on Computer and Communications Security (CCS\u201913)","author":"Stefanov E.","key":"e_1_2_1_91_1","unstructured":"E. Stefanov , M. Van Dijk , E. Shi , C. Fletcher , L. Ren , X. Yu , and S. Devadas . 2013. Path ORAM: an extremely simple oblivious RAM protocol . In Proceedings of the 20th ACM SIGSAC Conference on Computer and Communications Security (CCS\u201913) . ACM, 299--310. E. Stefanov, M. Van Dijk, E. Shi, C. Fletcher, L. Ren, X. Yu, and S. Devadas. 2013. Path ORAM: an extremely simple oblivious RAM protocol. In Proceedings of the 20th ACM SIGSAC Conference on Computer and Communications Security (CCS\u201913). ACM, 299--310."},{"key":"e_1_2_1_92_1","doi-asserted-by":"publisher","DOI":"10.1145\/1529282.1529572"}],"container-title":["ACM Transactions on Privacy and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3439732","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3439732","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3439732","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:01:52Z","timestamp":1750197712000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3439732"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,2,9]]},"references-count":92,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2021,8,31]]}},"alternative-id":["10.1145\/3439732"],"URL":"https:\/\/doi.org\/10.1145\/3439732","relation":{},"ISSN":["2471-2566","2471-2574"],"issn-type":[{"type":"print","value":"2471-2566"},{"type":"electronic","value":"2471-2574"}],"subject":[],"published":{"date-parts":[[2021,2,9]]},"assertion":[{"value":"2019-12-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2020-11-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2021-02-09","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}