Structure preserving anonymization of router configuration data

David A. Maltz, Jibin Zhan, Geoffrey Xie, Hui Zhang, Gísli Hjálmtýsson, Albert Greenberg, Jennifer Rexford

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

9 Scopus citations

Abstract

A repository of router configuration files from production networks would provide the research community with a treasure trove of data about network topologies, routing designs, and security policies. However, configuration files have been largely unobtainable precisely because they provide detailed information that could be exploited by competitors and attackers. This paper describes a method for anonymizing router configuration files by removing all information that connects the data to the identity of the originating network, while still preserving the structure of information that makes the data valuable to networking researchers. Anonymizing configuration files has unusual requirements, including preserving relationships between elements of data, anonymizing regular expressions, and robustly coping with more than 200 versions of the configuration language, that mean conventional tools and techniques are poorly suited to the problem. Our anonymization method has been validated with a major carrier, earning unprivileged researchers access to the configuration files of more than 7600 routers in 31 networks. Through example analysis, we demonstrate that the anonymized data retains the key properties of the network design. We believe that applying our single-blind methodology to a large number of production networks from different sources would be of tremendous value to both the research and operations communities.

Original language: English (US)
Title of host publication: Proceedings of the 2004 ACM SIGCOMM Internet Measurement Conference, IMC 2004
Publisher: Association for Computing Machinery
Pages: 239-244
Number of pages: 6
ISBN (Print): 1581138210, 9781581138214
State: Published - 2004
Externally published: Yes
Event: Proceedings of the 2004 ACM SIGCOMM Internet Measurement Conference, IMC 2004 - Taormina, Italy
Duration: Oct 25 2004 to Oct 27 2004

Publication series

Name: Proceedings of the 2004 ACM SIGCOMM Internet Measurement Conference, IMC 2004

Other

Other: Proceedings of the 2004 ACM SIGCOMM Internet Measurement Conference, IMC 2004
Country/Territory: Italy
City: Taormina
Period: 10/25/04 to 10/27/04

All Science Journal Classification (ASJC) codes

  • Engineering(all)

Keywords

  • Data anonymization
  • Router configuration
  • Security
