Network Telemetry Anonymization for Cloud Based Security Analysis - Best Practices

Abstract

Availability of network telemetry data aides in identifying security compromises, malicious traffic patterns, malware spread etc. There are varieties of Cloud based security services available for consumers to benefit from but on another hand there is a compelling need for ensuring privacy of sensitive fields before data is shared with any cloud provider. Anonymization techniques based on micro-data or macro-data have challenges in terms of attacks possible, scalability and practicality. In this paper we discuss challenges in privacy-preserving cloudification of network telemetry data. We present practical and scalable techniques for network data anonymization. These techniques ensure the privacy of the sensitive fields while retaining the ability to perform security forensics and analytics. We also provide best practices for ensuring successful data anonymization.