Traffic flow privacy protection with performance guarantee for classification in large networks (minor revision of INS_D_21_805R3).

Privacy-preserving traffic flow classification has attracted a significant amount of research interest because of its increasing importance to both network management and privacy protection. In this paper, we propose novel methods for effectively protecting network flow identifiers and attributes against privacy inference attacks in port-based and payload-based classifications respectively, and analyze their performance guarantee on data utility for flow classification and privacy (security). For protection of flow identifiers, we propose a partial identifier protection approach applying randomization and anonymization respectively on desired bit positions to conceal sensitive information, and show their expected-case performance guarantee. For protection of flow attributes, we propose a perturbation-based scheme that first selects the representative attributes by deploying an entropy-based attribute selection method to filter out redundant and insignificant attributes and reduce the problem space, then partitions the attribute domains into either equal-depth or equal-width intervals and perturbs attribute values in these intervals by swapping them with those in adjacent intervals and intervals with same value distribution respectively. We analyze the performance guarantee of the proposed methods and show the experiment results of classification accuracy obtained by implementing popular machine-learning based benchmark classifiers on our selected attributes against that on raw attributes, and on our perturbed attribute values against that on raw values, respectively. The experiment results show that our proposed methods for attribute selection and perturbation retain a high degree of data utility under the desired privacy guarantee for network traffic classification. [ABSTRACT FROM AUTHOR]