Title: PCAPLib: A System of Extracting, Classifying, and Anonymizing Real Packet Traces
Authors: Lin, Ying-Dar
Lin, Po-Ching
Wang, Sheng-Hao
Chen, I-Wei
Lai, Yuan-Cheng
Department of Computer Science
Network Benchmarking Lab
Keywords: Packet anonymization; privacy; trace repository; utility
Issue Date: Jun-2016
Abstract: This paper presents the PCAPLib system for providing extracted, well-classified, and anonymized packet traces from real network traffic with two mechanisms. First, active trace collection actively extracts and classifies packet traces into sessions by leveraging multiple detection devices. Second, deep packet anonymization protects the privacy in the packet payloads for hundreds of application protocols while preserving the utility of the traces. We evaluate 318 anonymized packet traces collected over a period of four months and show that the efficiency of anonymization is up to 96%. The usefulness of this system for assessing false positives/false negatives in intrusion detection has also been demonstrated.
URI: http://dx.doi.org/10.1109/JSYST.2014.2301464
http://hdl.handle.net/11536/132579
ISSN: 1932-8184
DOI: 10.1109/JSYST.2014.2301464
Journal: IEEE SYSTEMS JOURNAL
Volume: 10
Issue: 2
Begin Page: 520
End Page: 531
Appears in Collections: Articles