HTTP-aware anonymisation of packet traces

Document Type

Conference Proceeding


North East Wales Institute


Faculty of Computing, Health and Science


School of Computer and Information Science / Centre for Security Research




Originally published as: Salama, E., Ghita, B., & Furnell, S. (2005, September). HTTP-aware anonymisation of packet traces. In Proceedings of the First International Conference on Internet Technologies and Applications (p. 421-430). Wrexham, North Wales, UK: North East Wales Institute. Original article available here


Current Internet packet traces, used to observe the characteristics of current network applications, must be anonymised when stored, due to legal reasons. This process reduces the application-level statistics that can be later performed on the traces collected. This study evaluates the amount of information that may be retrieved from packet traces that were anonymised, while retaining the HTTP header tags and proposes an anonymising method that supports current research of non-intrusive www characteristics without breaching user privacy. The second part of the study uses the technique proposed to provide detailed statistics about the characteristics of HTTP dialogues, as extracted from anonymised network traces. The results revealed possible sources of bias, such as large files for average object sizes, a relatively high of HTTP 1.0 servers, considering its limitations, and the majority of pages having an age of less than one year.