Experimental Evaluation of Network Telemetry Anonymization for Cloud Based Security Analysis

Abstract

Network telemetry data is considered a gold mine for researchers for performing traffic analysis, QoS, security forensics, malware spread etc. Cloud Consumers could benefit from variety of Cloud based security services if such telemetry data is made available. But there is a compelling need for ensuring privacy of sensitive fields before data is shared with any Cloud provider. In this paper we provide thorough experimental evaluation of data anonymization techniques. We explore the viability of onion layered encryption techniques for practical security forensics on anonymized data. We provide results of such experiments and our analysis of the same. Our major observation is that onion layered techniques do not scale for more advanced analytic use cases.