Synthetic network data generators (SynNetGens) are increasingly used to share realistic traffic traces without exposing sensitive raw data. While substantial effort has gone into improving fidelity, privacy is either assumed to be a built-in property of synthesis or addressed through differential privacy at the packet or flow level. This paper uncovers a fundamental privacy vulnerability: SynNetGens preserve cross-flow behavioral correlations that expose source-level membership, allowing an attacker to determine whether traffic of specific user, or service was included in the training data. This leakage arises from a mismatch in abstraction: existing SynNetGens operate and are protected at the packet or flow level, while sensitive information is encoded in correlations across flows from the same source. To demonstrate that this vulnerability is exploitable in practice, we develop TraceBleed, the first source-level membership inference attack against black-box SynNetGens. Our evaluation spans five datasets and six SynNetGens, revealing that: (i) every generator leaks source-level information on at least some datasets; (ii) flow- or packet-level differential privacy fails to protect source privacy unless fidelity is degraded to unusable levels; and (iii) releasing 10X more synthetic data amplifies leakage by 130% on average. To support ongoing research in this area, we will maintain a public privacy-fidelity leaderboard so practitioners can choose generators that fit their needs and researchers can benchmark new designs faithfully.

翻译：合成网络数据生成器（SynNetGens）越来越多地用于共享逼真的流量轨迹，而无需暴露敏感原始数据。尽管大量工作致力于提升保真度，但隐私要么被视为合成的固有属性，要么通过数据包或流级别的差分隐私来处理。本文揭示了一个根本性的隐私漏洞：SynNetGens保留了跨流行为相关性，从而暴露了源级成员关系，使得攻击者能够判断特定用户或服务的流量是否包含在训练数据中。这种泄漏源于抽象层面的不匹配：现有SynNetGens在数据包或流级别运行并受到保护，而敏感信息却编码在来自同一源的不同流之间的相关性中。为了证明此漏洞在实践中是可利用的，我们开发了TraceBleed，这是首个针对黑盒SynNetGens的源级成员推断攻击。我们的评估跨越了五个数据集和六个SynNetGens，揭示了：（i）每个生成器在至少某些数据集上泄漏源级信息；（ii）除非将保真度降低到不可用水平，否则流级别或数据包级别的差分隐私无法保护源隐私；（iii）释放10倍于原始大小的合成数据会使泄漏平均放大130%。为了支持该领域的持续研究，我们将维护一个公开的隐私-保真度排行榜，使从业者能够选择适合其需求的生成器，并让研究人员能够忠实地基准测试新设计。