NANOG Meeting Presentation Abstract

Protecting Users\' Privacy when Tracing Network Traffic
Meeting:	NANOG39
Date / Time:	2007-02-05 11:15am - 11:30am
Room:	Osgoode Ballroom
Presenters:	Speakers: Stefan Saroiu, Computer Science, University of Toronto Stefan Saroiu joined the Computer Science at the University of Toronto in 2005 after a brief hiatus at Amazon.com. Stefan received his Ph.D. in 2004 from the University of Washington where he worked with Steve Gribble and Hank Levy. Stefan\'s research interests span the range from operating systems to networking and distributed systems. Troy Ronda, Computer Science, University of Toronto.
Abstract:	One of the current impediments in advancing the state of the art in Internet security research is the lack of scalable network tracing platform available to researchers. Given the complexity of today\'s attacks, packet-level tracing tools are inadequate; instead, today\'s tracing platforms must reconstruct traffic into application state and inspect it for suspicious or deviant behavior. Unfortunately, no such open-source network tracing software is available to researchers. In our project, we are building a highly scalable, open-source network tracing platform that offers adequate privacy and anonymity guarantees to the users whose traffic is monitored. Our tracing infrastructure is reconstructing traffic across several layers, from network to the application layer. We reassemble IP fragments into IP packets, TCP segments into TCP conections, and TCP connections into HTTP transactions. To protect users\' anonymity, our platform does not store any unanonymized data in stable storage. Instead, all work (including capturing and reassembly) is done in volatile memory at line speeds. In our presentation at NANOG, we focus on the privacy requirements for tracing the network traffic of a large Internet user population. We start by describing a list of attacks possible when collecting application-level information by network tracing. We argue that the only way to mitigate the privacy implications of all these attacks is to never store any un-anonymized data to stable storage when tracing. We then present a high-level overview of our open-source network tracing infrastructure. Our goal is to get the NANOG\'s community feedback on our anonymization and privacy protocol as well as their input in the design of our monitoring platform.
Files:	Protecting Users' Privacy when Tracing Network Traffic Stefan Saroiu Presentation(PDF)
Sponsors:	None.

Back to NANOG39 agenda.

NANOG39 Abstracts

• Show All

• Newcomer Orientation and Reception
  Speakers:
  Steve FeldmanCNET; .
  Betty BurkeMerit Network; .
  Bill NortonEquinix; .
  

• Newcomer Orientation and Reception
  Speakers:
  Steve FeldmanCNET; .
  Betty BurkeMerit Network; .
  Bill NortonEquinix; .
  

• Newcomer Orientation and Reception
  Speakers:
  Steve FeldmanCNET; .
  Betty BurkeMerit Network; .
  Bill NortonEquinix; .
  

• Taiwan Earthquake Fiber Cuts: a Service Provider View
  Speakers:
  Sylvie LaPerrière, Teleglobe - VSNLI;

• Quaking Tables: The Taiwan Earthquakes and the Internet Routing Table
  Speakers:
  Todd Underwood, Renesys Corporation; Alin Popescu, Renesys Corporation; Earl Zmijewski, Renesys Corporation;

• Quaking Tables: The Taiwan Earthquakes and the Internet Routing Table
  Speakers:
  Todd Underwood, Renesys Corporation; Alin Popescu, Renesys Corporation; Earl Zmijewski, Renesys Corporation;

• Quaking Tables: The Taiwan Earthquakes and the Internet Routing Table
  Speakers:
  Todd Underwood, Renesys Corporation; Alin Popescu, Renesys Corporation; Earl Zmijewski, Renesys Corporation;

• Follow-up analysis of J root anycast traffic
  Speakers:
  Matt LarsonNone; .
  Mark KostersNone; .
  Piet BarberNone; .
  

• Follow-up analysis of J root anycast traffic
  Speakers:
  Matt LarsonNone; .
  Mark KostersNone; .
  Piet BarberNone; .
  

• Follow-up analysis of J root anycast traffic
  Speakers:
  Matt LarsonNone; .
  Mark KostersNone; .
  Piet BarberNone; .
  

• Protecting Users\' Privacy when Tracing Network Traffic
  Speakers:
  Stefan Saroiu, Computer Science, University of Toronto; Troy RondaComputer Science, University of Toronto; .
  

• Protecting Users\' Privacy when Tracing Network Traffic
  Speakers:
  Stefan Saroiu, Computer Science, University of Toronto; Troy RondaComputer Science, University of Toronto; .
  

• A Technical Approach to Net Neutrality
  Speakers:
  Xiaowei Yang, UC Irvine;

• R-BGP: Ensuring Connectivity During BGP Convergence
  Speakers:
  Nate Kushman, MIT;

• Best Practices for Determining the Traffic Matrix in IP Networks
  Speakers:
  Thomas Telkamp, Cariden Technologies, Inc.;

• ISP Security
  Speakers:
  Danny McPhersonArbor Networks; .
  

• NetFlow to guard the Infrastructure
  Speakers:
  Yann BerthierNone; .
  

• IP Multicast/Multipoint for IPTV (and beyond)
  Speakers:
  Toerless EckertCisco Systems; .
  

• Pushing the FIB limits, perspectives on pressures confronting modern routers
  Speakers:
  Joel JaeggliNokia; .
  

• Keynote: Video over the Internet: Can we break the Net?
  Speakers:
  Mark Kortekaas, CTO - CBS Interactive;

• 4-Byte ASNs - The View from the Old BGP World
  Speakers:
  Geoff Huston, APNIC;

• Deployment of 32 bit AS Numbers
  Speakers:
  Henk Uijterwaal, RIPE NCC;

• Diagnosing Network Disruptions with Network-Wide Analysis
  Speakers:
  Yiyi HuangGeorgia Tech University; .
  Nick Feamster, Georgia Tech University; Jim XuGeorgia Tech University; .
  Anukool LakhinaGuavus; .
  

• Diagnosing Network Disruptions with Network-Wide Analysis
  Speakers:
  Yiyi HuangGeorgia Tech University; .
  Nick Feamster, Georgia Tech University; Jim XuGeorgia Tech University; .
  Anukool LakhinaGuavus; .
  

• Diagnosing Network Disruptions with Network-Wide Analysis
  Speakers:
  Yiyi HuangGeorgia Tech University; .
  Nick Feamster, Georgia Tech University; Jim XuGeorgia Tech University; .
  Anukool LakhinaGuavus; .
  

• Diagnosing Network Disruptions with Network-Wide Analysis
  Speakers:
  Yiyi HuangGeorgia Tech University; .
  Nick Feamster, Georgia Tech University; Jim XuGeorgia Tech University; .
  Anukool LakhinaGuavus; .
  

• BGP Troubleshooting Techniques (Part 1)
  Speakers:
  Philip Smith, Cisco Systems;

• Peering BOF XIV (Part 1)
  Speakers:
  Bill Norton, Equinix; Christopher QuesadaSwitch & Data; .
  

• Peering BOF XIV (Part 1)
  Speakers:
  Bill Norton, Equinix; Christopher QuesadaSwitch & Data; .
  

• IPv6 Network Operations
  Speakers:
  Stewart Bamford, Level 3 Communications;

• How to Host a NANOG Meeting
  Speakers:
  Joe AbleyAfilias Canada; .
  

• Supporting Hybrid Services at an International Exchange Facility: The Experience of Pacific Wave
  Speakers:
  Dave McGaugh, Pacific Northwest Gigapop;

• Beyond 200 Gbps
  Speakers:
  Niels BakkerAMS-IX; .
  

• sFlow Why you should use it and like it
  Speakers:
  Richard A. SteenbergennLayer Communications; .
  

• Introduction to Fast Convergence with Bidirectional Forwarding Detection (BFD)
  Speakers:
  Aamer Akhter, Cisco Systems;

• Foray into MPLS
  Speakers:
  Guy TalLimelight Networks; .