Protecting user privacy with multi-field anonymisation of ip addresses

Before sharing or publishing network traffic data, anonymisation is regarded as a necessary step to protect the privacy of end users. This is especially important for Internet protocol (IP) addresses that could be resolved to a single end user. The most frequently used IP address anonymisation algorithms replace each IP address with a randomly or deterministically computed pseudonym. This static mapping however can present an anonymisation vulnerability, since pattern analysis or spoofing may allow to revert the mapping for selected addresses. In this paper, we propose a new algorithm for anonymising connection data, with the emphasis on IP packet-based network data captured on computer networks. It is worth noting however that except for IP packet-based network data, it is possible to use the proposed algorithm to anonymise any kind of connection data, such as aggregated packet data, t'packet flow data, telephone connection data as well as data associated with the usage of Web services or the accesses to Web servers. We first present the new algorithm and then show that it provides better security against reversing the IP-to-pseudonym mapping at the cost of slightly reduced usefulness of the anonymised data. Specifically, we evaluate the advantages of the proposed algorithm over the most frequently used IP address anonymisation algorithms in terms of the usefulness of the anonymised data with respect to network attack detection methods.