Abstract :
In experimental field such as computer systems science, it is common to study real-world behavior as a means of gaining insight. One time-honored methodology is the collection of trace data, either as a snapshot or over a period of time, for later replay or analysis. The sharing of Internet packet traces is very limited because real-world traces contain many kinds of sensitive information, such as host addresses, emails, personal web pages, and even authentication keys. The lack of such traces greatly limits research on application protocols. It is especially crippling for network intrusion detection research, forcing researchers to devise synthetic attacks. In this paper we describe an approach to transform and anonymize packet traces. The paper elaborates on the anonymization of the internet packet traces and corresponding trace transformation The algorithm discussed can anonymize both packet headers and payloads, and can perform application-level transformations such as editing HTTP or SMTP headers, replacing the content of Web items with MD5 hashes, or altering filenames or reply codes that match given patterns. Thus the paper aims to shed light on a new trace transformation & anonymization techniques with features for the future, coupled with reliability and frugal use of resources take technology to the masses as well as the researchers, making the world a truly global village. As such, we hope to help open up new opportunities in Internet measurement and network intrusion detection re-search.
