Privacy Preserving Log File Processing in Mobile Network Environment
Download as PPTX, PDF1 like509 views
Noise addition for anonymisation is a known technique for increasing the privacy of a data sets. However this technique is often presented as individual and independent, or, just stated as techniques to be applied. This increases the danger of misapplication of these techniques and a resulting anonymised data set that is open to relatively easy re-identification or reconstruction. To better understand the application of these techniques we demonstrate their application to a specific domain - that of network trace anonymisation.
More Related Content
What's hot (20)
Similar to Privacy Preserving Log File Processing in Mobile Network Environment (20)
Recently uploaded (20)
Privacy Preserving Log File Processing in Mobile Network Environment
- 1. 1 息 Nokia Solutions and Networks 2014 Privacy Preserving Log File Processing in Mobile Network Environment Shankar Lal 16-06-2015
- 2. 2 息 Nokia Solutions and Networks 2014 Presentation outline Introduction and background review Cases of privacy breach Statistical analysis over Network trace Continuous fields anonymisation through Differential Privacy Discrete fields anonymisation through -diversity IP address anonymisation Future work and conclusion
- 3. 3 息 Nokia Solutions and Networks 2014 Introduction and Objectives of this work
- 4. 4 息 Nokia Solutions and Networks 2014 Background review Data Privacy Need of privacy in user data Sharing of network trace data Tradeoff between data utility and data privacy
- 5. 5 息 Nokia Solutions and Networks 2014 Privacy Laws PII (Personally Identifying Information) US privacy law Personal Data EU Data protection Directive
- 6. 6 息 Nokia Solutions and Networks 2014 IP address as Personal Data Arguments on both sides EU consider it personal (UK is exception) US consider it non-personal
- 7. 7 息 Nokia Solutions and Networks 2014 Cases of privacy breach from anonymised data sets
- 8. 8 息 Nokia Solutions and Networks 2014 There's No Such Thing As An Anonymized Dataset
- 9. 9 息 Nokia Solutions and Networks 2014 Netflix anonymous data set and user privacy breach
- 10. 10 息 Nokia Solutions and Networks 2014 AOL anonymous data set of user queries
- 11. 11 息 Nokia Solutions and Networks 2014 Identification of medical record of former governor of Massachusetts William Weld Former governor of Massachusetts
- 12. 12 息 Nokia Solutions and Networks 2014 Statistical analysis over Network traces
- 13. 13 息 Nokia Solutions and Networks 2014 Sample of a Network Log file
- 14. 14 息 Nokia Solutions and Networks 2014 Statistical Analysis on network trace I
- 15. 15 息 Nokia Solutions and Networks 2014 Statistical Analysis on network trace II Most used protocols Most used packet lengths Source and destination IP class count IP class packet length distribution
- 16. 16 息 Nokia Solutions and Networks 2014 Functional dependencies between fields
- 17. 17 息 Nokia Solutions and Networks 2014 Why packet length and timestamp fields are sensitive? Certain security incidents have fixed packet length Slammer worm 404 bytes Nachi worm 92 bytes Timestamp along with IP address reveals communication existed between parties.
- 18. 18 息 Nokia Solutions and Networks 2014 Privatizing network trace
- 19. 19 息 Nokia Solutions and Networks 2014 Privacy Enhancing Technologies (PETs) Hashing Encryption Randomization and Tokenization k-anonymity New Inclusions: Differential Privacy ≒-diversity
- 20. 20 息 Nokia Solutions and Networks 2014 k-anonymity Main idea: Generalization Suppression Perturbation
- 21. 21 息 Nokia Solutions and Networks 2014 Example on network data set Sample Data set 2-anonymous data set
- 22. 22 息 Nokia Solutions and Networks 2014 Differential Privacy: Anonymisation of continuous fields
- 23. 23 息 Nokia Solutions and Networks 2014 Differential Privacy Differential privacy algorithm states that probability that data set D1 produces output C is very close to the probability of data set D2 producing same output. Laplace noise calculation: Scale parameter b = f/ 狼 Mean 亮 =0 f =sensitivity of the function 狼= Privacy parameter Probability density plots of Laplace distributions
- 24. 24 息 Nokia Solutions and Networks 2014 Noise addition through Differential Privacy Original Distribution 狼 =0.01狼 =0.1 Packet length field
- 25. 25 息 Nokia Solutions and Networks 2014 Noise addition through Differential Privacy 狼 =0.01狼 =0.1Original Distribution Timestamp field
- 26. 26 息 Nokia Solutions and Networks 2014 Comparison between original and noisy data Packet Length Time stamp
- 27. 27 息 Nokia Solutions and Networks 2014 -diversity: Anonymisation of discrete fields
- 28. 28 息 Nokia Solutions and Networks 2014 -diversity A q-block is -diverse if contains at least well-represented values for the sensitive attribute (in other words, diversity in the sensitive attributes).
- 29. 29 息 Nokia Solutions and Networks 2014 Example on network data set Sample Data set 3-diverse Data set
- 30. 30 息 Nokia Solutions and Networks 2014 -diversity technique <Change information classification in footer>
- 31. 31 息 Nokia Solutions and Networks 2014 Equivalence class creation Equivalence class name Protocol name Protocol name Protocol name Protocol name Transport Protocols TCP UDP * * Management Protocols DNS ICMP DHCP ARP Security Protocols TLS SSL SSH HTTPS Mobile Networks Protocols SSMP GTP GTPv2 UCP Other Protocols * * * *
- 32. 32 息 Nokia Solutions and Networks 2014 5-diverse data set <Change information classification in footer>
- 33. 33 息 Nokia Solutions and Networks 2014 Other Noise addition techniques
- 34. 34 息 Nokia Solutions and Networks 2014 Zero Mean noise addition
- 35. 35 息 Nokia Solutions and Networks 2014 Noise addition by summing LSBs technique Example: 1414 1414+9= 1423 LSBs
- 36. 36 息 Nokia Solutions and Networks 2014 IP address Anonymisation
- 37. 37 息 Nokia Solutions and Networks 2014 Anonymising IP addresses Method: 1. Last octet Obfuscation Method: 2. Transformation to IP class Goal is to anonymise IP addresses but also preserve network topology information
- 38. 38 息 Nokia Solutions and Networks 2014 Final Anonymised data set
- 39. 39 息 Nokia Solutions and Networks 2014 Anonymised network trace <Change information classification in footer>
- 40. 40 息 Nokia Solutions and Networks 2014 Conclusion and Future Work
- 41. 41 息 Nokia Solutions and Networks 2014 Conclusion Preserving user privacy in a network trace. Analyzing Functional dependencies between the fields. Packet length and timestamp anonymisation by Differential Privacy and -diversity technique. Deciding the best values of privacy parameter 竜 IP addresses anonymisation by last octet obfuscation method .
- 42. 42 息 Nokia Solutions and Networks 2014 Future work Framework for calculating best value of epsilon Re-identification testing Feature extraction/Clustering Anomaly detection/Malware Analysis <Change information classification in footer>
- 43. 43 息 Nokia Solutions and Networks 2014 Thank you Questions?