Finding a Needle in a Haystack: The Traffic Analysis Version-Reference-Cited by-同舟云学术

Finding a Needle in a Haystack: The Traffic Analysis Version

Published:2019-04-01 Issue:2 Volume:2019 Page:270-290
ISSN:2299-0984
Container-title:Proceedings on Privacy Enhancing Technologies
language:en
Short-container-title:

Author:

Qasem Abdullah¹,Zhioua Sami²,Makhlouf Karima³

Affiliation:

1. Concordia University ,

2. King Fahd University of Petroleum and Minerals ,

3. Imam Abdulrahman Bin Faisal University ,

Abstract

Abstract Traffic analysis is the process of extracting useful/sensitive information from observed network traffic. Typical use cases include malware detection and website fingerprinting attacks. High accuracy traffic analysis techniques use machine learning algorithms (e.g. SVM, kNN) and require to split the traffic into correctly separated blocks. Inspired by digital forensics techniques, we propose a new network traffic analysis approach based on similarity digest. The approach features several advantages compared to existing techniques, namely, fast signature generation, compact signature representation using Bloom filters, efficient similarity detection between packet traces of arbitrary sizes, and in particular dropping the traffic splitting requirement altogether. Experimental results show very promising results on VPN and malware traffic, but low results on Tor traffic due mainly to the single-size cells feature.

Publisher

Walter de Gruyter GmbH

Subject

General Medicine

Link

https://www.sciendo.com/pdf/10.2478/popets-2019-0030

Reference49 articles.

1. [1] D. Herrmann, R. Wendolsky, and H. Federrath, “Website fingerprinting: attacking popular privacy enhancing technologies with the multinomial naive-bayes classifier,” in Proceedings of the 2009 ACM workshop on Cloud computing security, ser. CCSW ’09. New York, NY, USA: ACM, 2009, pp. 31–42.

2. [2] A. Panchenko, L. Niessen, A. Zinnen, and T. Engel, “Website fingerprinting in onion routing based anonymization networks,” in Proceedings of the 10th annual ACM workshop on Privacy in the electronic society, ser. WPES ’11. New York, NY, USA: ACM, 2011, pp. 103–114.

3. [3] X. Cai, X. C. Zhang, B. Joshi, and R. Johnson, “Touching from a distance: website fingerprinting attacks and defenses,” in Proceedings of the 2012 ACM conference on Computer and communications security, ser. CCS ’12. New York, NY, USA: ACM, 2012, pp. 605–616.

4. [4] T. Wang and I. Goldberg, “Improved website fingerprinting on tor,” in 12th ACM Workshop on Privacy in the Electronic Society, ser. WPES’13. ACM, 2013.

5. [5] T. Wang, X. Cai, R. Nithyanand, R. Johnson, and I. Gold-berg, “Effective attacks and provable defenses for website fingerprinting.” in USENIX Security, 2014, pp. 143–157.

Cited by 5 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Toward enhancing web privacy on HTTPS traffic: A novel SuperLearner attack model and an efficient defense approach with adversarial examples;Computers & Security;2024-04

2. SMRT:An Effective Malicious Node Resistance Design for Mixnets;2022 7th IEEE International Conference on Data Science in Cyberspace (DSC);2022-07

3. A Game-Theoretically Optimal Defense Paradigm against Traffic Analysis Attacks using Multipath Routing and Deception;Proceedings of the 27th ACM on Symposium on Access Control Models and Technologies;2022-06-07

4. Website Fingerprinting in the Age of QUIC;Proceedings on Privacy Enhancing Technologies;2021-01-29

5. Protecting against Website Fingerprinting with Multihoming;Proceedings on Privacy Enhancing Technologies;2020-04-01