PD-PAn: Prefix- and Distribution-Preserving Internet of Things Traffic Anonymization
-
Published:2023-10-21
Issue:20
Volume:12
Page:4369
-
ISSN:2079-9292
-
Container-title:Electronics
-
language:en
-
Short-container-title:Electronics
Author:
Gu Xiaodan1ORCID,
Dong Kai1
Affiliation:
1. School of Computer Science and Engineering, Southeast University, Nanjing 211189, China
Abstract
One of the features of network traffic in Internet of Things (IoT) environments is that various IoT devices periodically communicate with their vendor services by sending and receiving packets with unique characteristics through private protocols. This paper investigates semantic attacks in IoT environments. An IoT semantic attack is active, covert, and more dangerous in comparison with traditional semantic attacks. A compromised IoT server actively establishes and maintains a communication channel with its device, and covertly injects fingerprints into the communicated packets. Most importantly, this server not only de-anonymizes other IPs, but also infers the machine states of other devices (IPs). Traditional traffic anonymization techniques, e.g., Crypto-PAn and Multi-View, either cannot ensure data utility or is vulnerable to semantic attacks. To address this problem, this paper proposes a prefix- and distribution-preserving traffic anonymization method named PD-PAn, which generates multiple anonymized views of the original traffic log to defend against semantic attacks. The prefix relationship is preserved in the real view to ensure data utility, while the IP distribution characteristic is preserved in all the views to ensure privacy. Intensive experiments verify the vulnerability of the state-of-the-art techniques and effectiveness of PD-PAn.
Funder
Natural Science Foundation of China
Jiangsu Provincial Natural Science Foundation of China
Jiangsu Provincial Key R&D Program
Jiangsu Provincial Key Laboratory of Network and Information Security
Key Laboratory of Computer Network and Information Integration of Ministry of Education of China
Subject
Electrical and Electronic Engineering,Computer Networks and Communications,Hardware and Architecture,Signal Processing,Control and Systems Engineering
Reference46 articles.
1. Gartner (2022, July 15). Market Guide for Network Traffic Analysis. Available online: https://www.gartner.com/en/documents/3902353.
2. Oltsik, J. (2022, July 15). ESG White Paper: Network Traffic Analysis (NTA): A Cybersecurity ‘Quick Win’. Available online: https://www.readkong.com/page/network-traffic-analysis-nta-a-cybersecurity-quick-win-5804677.
3. AuvikNetworks (2022, July 15). Auvik. Available online: https://www.auvik.com/.
4. (2022, July 15). MixMode. Available online: https://mixmode.ai/.
5. Prefix-preserving IP address anonymization: Measurement-based security evaluation and a new cryptography-based scheme;Fan;Comput. Netw.,2004