Research Article
Flexible and high-performance anonymization of NetFlow records using anontool
@INPROCEEDINGS{10.1109/SECCOM.2007.4550304, author={Michalis Foukarakis and Demetres Antoniades and Spiros Antonatos and Evangelos Markatos}, title={Flexible and high-performance anonymization of NetFlow records using anontool}, proceedings={3rd International ICST Workshop on the Value of Security through Collaboration}, publisher={IEEE}, proceedings_a={SECOVAL}, year={2008}, month={6}, keywords={}, doi={10.1109/SECCOM.2007.4550304} }- Michalis Foukarakis
Demetres Antoniades
Spiros Antonatos
Evangelos Markatos
Year: 2008
Flexible and high-performance anonymization of NetFlow records using anontool
SECOVAL
IEEE
DOI: 10.1109/SECCOM.2007.4550304
Abstract
Netflow is a protocol widely adopted by the security and performance measurements community. Nowadays, many distributed applications and architectures base their functionality on Netflow data collected at diverse environments. However, communities and administrators are reluctant to share exported Netflow data for privacy reasons. As a consequence, the effectiveness of distributed approaches is limited due to lack of input data. To overcome this limitation, anonymization on Netflow data is proposed for sharing. However, the available tools are either proprietary or of very limited functionality. Towards this direction, we propose and implement anontool, that allow administrators to anonymize Netflow data in a highly customizable way. A comparison of anontool with existing solutions is provided along two dimensions: functionality and performance. Anontool can anonymize traffic even at high bandwidth rates, outperforming most of the tools and having same performance with specialized - but very limited in functionality - approaches.
