Netshuffle: Improving Traffic Trace Anonymization Through Graph Distortion
Traffic traces provide valuable data to researchers and organizations alike. However, organizations that provide this information do not wish to expose the internal workings of their networks to potential attack. Traffic trace anonymization attempts to mitigate this concern by hiding sensitive information while preserving most of the empirical value of the trace. Unfortunately, many attacks such as statistical fingerprinting, known-plaintext, and port evaluation can serve to identify communications within a trace which can lead an attacker to the real-world identities of anonymized devices. The inherent graph structure embedded in network traffic stands as a primary lever in achieving such de-anonymization.