On Making Encrypted Web Traffic Resistant to Timing-Analysis Attacks
نویسندگان
چکیده
In this paper we introduce a trace-based tunnel that is resistant to traffic analysis in the sense that it provides deniability to users that a specific web page was fetched given that a packet trace is observed on the tunnel. We present a scheduler design for managing the transmission of traces to satisfy user traffic demand while maintaining reasonably low delay and throughput overhead due to dummy packets. Experimental results are also presented demonstrating the effectiveness of this scheduler under a range of realistic network conditions and actual web page fetches.
منابع مشابه
Improving Tor security against timing and traffic analysis attacks with fair randomization
The Tor network is probably one of the most popular online anonymity systems in the world. It has been built based on the volunteer relays from all around the world. It has a strong scientific basis which is structured very well to work in low latency mode that makes it suitable for tasks such as web browsing. Despite the advantages, the low latency also makes Tor insecure against timing and tr...
متن کاملDetecting Bot Networks Based On HTTP And TLS Traffic Analysis
Abstract— Bot networks are a serious threat to cyber security, whose destructive behavior affects network performance directly. Detecting of infected HTTP communications is a big challenge because infected HTTP connections are clearly merged with other types of HTTP traffic. Cybercriminals prefer to use the web as a communication environment to launch application layer attacks and secretly enga...
متن کاملPreventing SSL Traffic Analysis with Realistic Cover Traffic
As more sensitive information is transmitted over computer networks, there has been a steady increase in the deployment of encryption to protect data in-flight. Myriad encrypted network protocols have emerged [8, 2, 1] that enable various applications like encrypted browsing, VPNs, secure shells, and VoIP. Since the data payload of an encrypted protocol is protected by strong encryption, attack...
متن کاملHTTPOS: Sealing Information Leaks with Browser-side Obfuscation of Encrypted Flows
Leakage of private information from web applications— even when the traffic is encrypted—is a major security threat to many applications that use HTTP for data delivery. This paper considers the problem of inferring from encrypted HTTP traffic the web sites or web pages visited by a user. Existing browser-side approaches to this problem cannot defend against more advanced attacks, and serversid...
متن کاملOn Privacy Leakage through Silence Suppression
Silence suppression, an essential feature of speech communications over the Internet, saves bandwidth by disabling voice packet transmission when silence is detected. On the other hand, silence suppression enables an adversary to recover talk patterns from packet timing. In this paper, we investigate privacy leakage through the silence suppression feature. More specifically, we propose a new cl...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/1610.07141 شماره
صفحات -
تاریخ انتشار 2016