{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:08:33Z","timestamp":1750219713467,"version":"3.41.0"},"reference-count":29,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2023,10,20]],"date-time":"2023-10-20T00:00:00Z","timestamp":1697760000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Department of Engergy","award":["#DE-SC0021525"],"award-info":[{"award-number":["#DE-SC0021525"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["Digital Threats"],"published-print":{"date-parts":[[2023,12,31]]},"abstract":"<jats:p>A large volume of network trace data are collected by the government and public and private organizations and can be analyzed for various purposes such as resolving network problems, improving network performance, and understanding user behavior. However, most organizations are reluctant to share their data with any external experts for analysis, because they contain sensitive information deemed proprietary to the organization, thus raising privacy concerns. Even if the payload of network packets is not shared, header data may disclose sensitive information that adversaries can exploit to perform unauthorized actions. So network trace data need to be anonymized before being shared. Most of the existing anonymization tools have two major shortcomings: (1) they cannot provide provable protection, and (2) their performance relies on setting the right parameter values such as the degree of privacy protection and the features that should be anonymized, but there is little assistance for a user to optimally set these parameters. This article proposes a self-adaptive and secure approach to anonymize network trace data and provides provable protection and automatic optimal settings of parameters. A comparison of the proposed approach with existing anonymization tools via experimentation demonstrated that the proposed method outperforms the existing anonymization techniques.<\/jats:p>","DOI":"10.1145\/3617181","type":"journal-article","created":{"date-parts":[[2023,8,26]],"date-time":"2023-08-26T10:32:07Z","timestamp":1693045927000},"page":"1-20","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["A Self-adaptive and Secure Approach to Share Network Trace Data"],"prefix":"10.1145","volume":"4","author":[{"ORCID":"https:\/\/orcid.org\/0009-0009-4321-6841","authenticated-orcid":false,"given":"Antonios","family":"Xenakis","sequence":"first","affiliation":[{"name":"University of Maryland Baltimore County, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-4822-5522","authenticated-orcid":false,"given":"Sabrina Mamtaz","family":"Nourin","sequence":"additional","affiliation":[{"name":"University of Maryland Baltimore County, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6984-7248","authenticated-orcid":false,"given":"Zhiyuan","family":"Chen","sequence":"additional","affiliation":[{"name":"University of Maryland Baltimore County, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2208-0801","authenticated-orcid":false,"given":"George","family":"Karabatis","sequence":"additional","affiliation":[{"name":"University of Maryland Baltimore County, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4337-1488","authenticated-orcid":false,"given":"Ahmed","family":"Aleroud","sequence":"additional","affiliation":[{"name":"Augusta University, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-8580-187X","authenticated-orcid":false,"given":"Jhancy","family":"Amarsingh","sequence":"additional","affiliation":[{"name":"University of Maryland Baltimore County, USA"}]}],"member":"320","published-online":{"date-parts":[[2023,10,20]]},"reference":[{"key":"e_1_3_1_2_2","unstructured":"Internet 2. 2014. Internet 2\u2019s Network Flow Data Privacy Policy. Retrieved from https:\/\/internet2.edu\/security\/routing-security\/network-flow-data-privacy-policy\/"},{"key":"e_1_3_1_3_2","doi-asserted-by":"publisher","DOI":"10.1145\/342009.335438"},{"key":"e_1_3_1_4_2","doi-asserted-by":"publisher","DOI":"10.1145\/3425401"},{"key":"e_1_3_1_5_2","unstructured":"Jasper Bongert. 2020. TcraceWrangler. Retrieved from https:\/\/www.tracewrangler.com\/"},{"key":"e_1_3_1_6_2","first-page":"179","volume-title":"International Workshop on Privacy Enhancing Technologies","author":"Brekne T\u00f8nnes","year":"2005","unstructured":"T\u00f8nnes Brekne, Andr\u00e9 \u00c5rnes, and Arne \u00d8sleb\u00f8. 2005. Anonymization of ip traffic monitoring data: Attacks on two prefix-preserving anonymization schemes and some proposed remedies. In International Workshop on Privacy Enhancing Technologies. Springer, 179\u2013196."},{"key":"e_1_3_1_7_2","doi-asserted-by":"publisher","DOI":"10.1145\/1672308.1672310"},{"key":"e_1_3_1_8_2","first-page":"581","volume-title":"Proceedings of the 11th EAI International Conference on Security and Privacy in Communication Networks (SecureComm\u201915)","author":"Cao Kai","year":"2015","unstructured":"Kai Cao, Yunchun Li, Hailong Yang, Jiqiang Tang, and Xiaoxiang Zou. 2015. Poster: An online prefix-preserving ip address anonymization algorithm for passive measurement systems. In Proceedings of the 11th EAI International Conference on Security and Privacy in Communication Networks (SecureComm\u201915). Springer, 581\u2013584."},{"key":"e_1_3_1_9_2","first-page":"1","volume-title":"Proceedings of the 19th Annual International Conference on Privacy, Security & Trust (PST\u201922)","author":"Dandyan Shaveta","year":"2022","unstructured":"Shaveta Dandyan, Habib Louafi, and Samira Sadaoui. 2022. A feistel network-based prefix-preserving anonymization approach, applied to network traces. In Proceedings of the 19th Annual International Conference on Privacy, Security & Trust (PST\u201922). IEEE, 1\u201311."},{"issue":"3","key":"e_1_3_1_10_2","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3182660","article-title":"A survey of network traffic anonymisation techniques and implementations","volume":"51","author":"Dijkhuizen Niels Van","year":"2018","unstructured":"Niels Van Dijkhuizen and Jeroen Van Der Ham. 2018. A survey of network traffic anonymisation techniques and implementations. ACM Comput. Surv. 51, 3 (2018), 1\u201327.","journal-title":"ACM Comput. Surv."},{"key":"e_1_3_1_11_2","doi-asserted-by":"publisher","DOI":"10.5555\/1791834.1791836"},{"key":"e_1_3_1_12_2","doi-asserted-by":"publisher","DOI":"10.1561\/0400000042"},{"key":"e_1_3_1_13_2","unstructured":"F. F. Prasser K. Babioch Kohlmayer I. Vujosevic and R. Bild.2021. Arx Data Anonymization Tool. Retrieved from https:\/\/arx.deidentifier.org\/"},{"key":"e_1_3_1_14_2","doi-asserted-by":"publisher","DOI":"10.1017\/9781108348973"},{"key":"e_1_3_1_15_2","unstructured":"Francesco Gringoli. 2009. Tcpanon. Retrieved from http:\/\/netweb.ing.unibs.it\/ntw\/tools\/tcpanon\/"},{"key":"e_1_3_1_16_2","unstructured":"Packet Clearing House Inc. 2018. Protected repository for the defense of infrastructure against cyber threats (PREDICT) dataset development and hosting. https:\/\/apps.dtic.mil\/sti\/citations\/AD1050331"},{"key":"e_1_3_1_17_2","doi-asserted-by":"publisher","DOI":"10.1126\/sciadv.abk3283"},{"key":"e_1_3_1_18_2","first-page":"2302","volume-title":"Proceedings of the IEEE International Conference on Communications","volume":"5","author":"Koukis Dimitris","year":"2006","unstructured":"Dimitris Koukis, Spyros Antonatos, Demetres Antoniades, Evangelos P. Markatos, and Panagiotis Trimintzios. 2006. A generic anonymization framework for network traffic. In Proceedings of the IEEE International Conference on Communications, Vol. 5. IEEE, 2302\u20132309."},{"issue":"2","key":"e_1_3_1_19_2","first-page":"520","article-title":"Pcaplib: A system of extracting, classifying, and anonymizing real packet traces","volume":"10","author":"Lin Ying-Dar","year":"2014","unstructured":"Ying-Dar Lin, Po-Ching Lin, Sheng-Hao Wang, I-Wei Chen, and Yuan-Cheng Lai. 2014. Pcaplib: A system of extracting, classifying, and anonymizing real packet traces. IEEE Syst. J. 10, 2 (2014), 520\u2013531.","journal-title":"IEEE Syst. J."},{"key":"e_1_3_1_20_2","doi-asserted-by":"publisher","DOI":"10.1145\/1851275.1851199"},{"key":"e_1_3_1_21_2","doi-asserted-by":"publisher","DOI":"10.1109\/FOCS.2007.41"},{"key":"e_1_3_1_22_2","first-page":"459","volume-title":"Proceedings of the ACM SIGSAC Conference on Computer and Communications Security","author":"Mohammady Meisam","year":"2018","unstructured":"Meisam Mohammady, Lingyu Wang, Yuan Hong, Habib Louafi, Makan Pourzandi, and Mourad Debbabi. 2018. Preserving both privacy and utility in network trace anonymization. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. 459\u2013474."},{"key":"e_1_3_1_23_2","first-page":"25","volume-title":"Proceedings of the 4th International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS\u201915)","author":"Moustafa Nour","year":"2015","unstructured":"Nour Moustafa and Jill Slay. 2015. The significant features of the UNSW-NB15 and the KDD99 data sets for network intrusion detection systems. In Proceedings of the 4th International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS\u201915). IEEE, 25\u201331."},{"key":"e_1_3_1_24_2","first-page":"1","volume-title":"Proceedings of the Military Communications and Information Systems Conference (MilCIS\u201915)","author":"Moustafa Nour","year":"2015","unstructured":"Nour Moustafa and Jill Slay. 2015. UNSW-NB15: A comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In Proceedings of the Military Communications and Information Systems Conference (MilCIS\u201915). IEEE, 1\u20136."},{"key":"e_1_3_1_25_2","doi-asserted-by":"publisher","DOI":"10.1007\/s00778-014-0351-4"},{"key":"e_1_3_1_26_2","doi-asserted-by":"publisher","DOI":"10.1142\/S0218488502001648"},{"key":"e_1_3_1_27_2","unstructured":"United States Code. 2022. U.S. Code - Unannotated Title 6. Domestic Security \u00a7 485 Information sharing (j)(2).Retrieved from https:\/\/uscode.house.gov\/view.xhtml?req=(title:6%20section:485%20edition:prelim)"},{"key":"e_1_3_1_28_2","volume-title":"Recital 26 Eu GDPR","author":"Vollmer N.","year":"2018","unstructured":"N. Vollmer. 2018. Recital 26 Eu GDPR. Retrieved from https:\/\/www.privacy-regulation.eu\/en\/recital-26-GDPR.htm"},{"key":"e_1_3_1_29_2","first-page":"280","volume-title":"Proceedings of the 10th IEEE International Conference on Network Protocols.","author":"Xu Jun","year":"2002","unstructured":"Jun Xu, Jinliang Fan, Mostafa H. Ammar, and Sue B. Moon. 2002. Prefix-preserving ip address anonymization: Measurement-based security evaluation and a new cryptography-based scheme. In Proceedings of the 10th IEEE International Conference on Network Protocols. IEEE, 280\u2013289."},{"key":"e_1_3_1_30_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.neucom.2020.07.061"}],"container-title":["Digital Threats: Research and Practice"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3617181","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3617181","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T16:36:07Z","timestamp":1750178167000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3617181"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,10,20]]},"references-count":29,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2023,12,31]]}},"alternative-id":["10.1145\/3617181"],"URL":"https:\/\/doi.org\/10.1145\/3617181","relation":{},"ISSN":["2692-1626","2576-5337"],"issn-type":[{"type":"print","value":"2692-1626"},{"type":"electronic","value":"2576-5337"}],"subject":[],"published":{"date-parts":[[2023,10,20]]},"assertion":[{"value":"2022-07-15","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2023-08-11","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2023-10-20","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}