PktAnon performs network trace anonymization. It is highly configurable and uses anonymization profiles. Arbitrary anonymization primitives can be mapped to protocol attributes, thus providing high flexibility and easy to deploy anonymization profiles.
A huge number of anonymization primitives and network protocols are supported and ready to use for online and offline anonymization. New network protocols and anonymization primitives can be developed and interated easily into PktAnon.
PktAnon pursues a structured approach: Network packets are first transfered into internal structures using protocol parsers. Each network packet is parsed and transformed into an internal structure of chained protocol objects. The anonymization process itself is not performed on the network data itself but rather on new, empty network packets. A new, empty chain is created using the same protocol encapsulation. Data of each protocol attribute is then manipulated using the assigned anonymization primitive and the resulting data is set in the new, empty protocol object. We call this approach 'defensive transformation'. Using defensive transformation no sensitive data can breach due to software failure or malformed network packets.