793 research outputs found
TARANET: Traffic-Analysis Resistant Anonymity at the NETwork layer
Modern low-latency anonymity systems, no matter whether constructed as an
overlay or implemented at the network layer, offer limited security guarantees
against traffic analysis. On the other hand, high-latency anonymity systems
offer strong security guarantees at the cost of computational overhead and long
delays, which are excessive for interactive applications. We propose TARANET,
an anonymity system that implements protection against traffic analysis at the
network layer, and limits the incurred latency and overhead. In TARANET's setup
phase, traffic analysis is thwarted by mixing. In the data transmission phase,
end hosts and ASes coordinate to shape traffic into constant-rate transmission
using packet splitting. Our prototype implementation shows that TARANET can
forward anonymous traffic at over 50~Gbps using commodity hardware
Hang With Your Buddies to Resist Intersection Attacks
Some anonymity schemes might in principle protect users from pervasive
network surveillance - but only if all messages are independent and unlinkable.
Users in practice often need pseudonymity - sending messages intentionally
linkable to each other but not to the sender - but pseudonymity in dynamic
networks exposes users to intersection attacks. We present Buddies, the first
systematic design for intersection attack resistance in practical anonymity
systems. Buddies groups users dynamically into buddy sets, controlling message
transmission to make buddies within a set behaviorally indistinguishable under
traffic analysis. To manage the inevitable tradeoffs between anonymity
guarantees and communication responsiveness, Buddies enables users to select
independent attack mitigation policies for each pseudonym. Using trace-based
simulations and a working prototype, we find that Buddies can guarantee
non-trivial anonymity set sizes in realistic chat/microblogging scenarios, for
both short-lived and long-lived pseudonyms.Comment: 15 pages, 8 figure
Identifying Website Users by TLS Traffic Analysis: New Attacks and Effective Countermeasures
Websites commonly use HTTPS to protect their users' private data from network-based attackers. By combining public social network profiles with TLS traffic analysis, we present a new attack that reveals the precise identities of users accessing major websites. As a countermeasure, we propose a novel length-hiding scheme that leverages standard TLS padding to enforce website-specific privacy policies. We present several implementations of this scheme, notably a patch for GnuTLS that offers a rich length-hiding API and an Apache module that uses this API to enforce an anonymity policy for sensitive user files. Our implementations are the first to fully exercise the length-hiding features of TLS and our work uncovers hidden timing assumptions in recent formal proofs of these features. Compared to previous work, we offer the first countermeasure that is standards-based, provably secure, and experimentally effective, yet pragmatic, offering websites a precise trade-off between user privacy and bandwidth efficiency.La vaste majorité des applications web repose sur HTTPS pour protéger, sur le réseau, les données privées de leurs utilisateurs. Nous présentons une nouvelle attaque qui, en combinant les données publiques des réseaux sociaux à une analyse de trafic TLS, permet de révéler l'identité des utilisateurs accédant aux sites web les plus populaires. En réponse à cette attaque, nous proposons un nouveau schéma, qui bien que n'utilisant que des fonctionnalités standards de TLS, permet de dissimuler la taille des données transitant et donc d'aiser l'application des politiques de sécurité. Nous avons intégré notre nouveau schéma de dissimulation de taille à GnuTLS via une API de haut niveau. Nous avons fait usage de cette dernière pour le développement d'un module Apache appliquant notre nouveau schéma à un ensemble de fichiers utilisateurs. Ainsi, nous offrons la première contre-mesure ne reposant que sur des fonctionnalités standards, possédant une preuve de sécurité formelle et efficace en pratique, et qui propose donc un bon compromis entre sécurité des utilisateurs et efficacité en terme de taille des données transitant sur le réseau
Countering internet packet classifiers to improve user online privacy
Internet traffic classification or packet classification is the act of classifying packets using the extracted statistical data from the transmitted packets on a computer network. Internet traffic classification is an essential tool for Internet service providers to manage network traffic, provide users with the intended quality of service (QoS), and perform surveillance. QoS measures prioritize a network\u27s traffic type over other traffic based on preset criteria; for instance, it gives higher priority or bandwidth to video traffic over website browsing traffic. Internet packet classification methods are also used for automated intrusion detection. They analyze incoming traffic patterns and identify malicious packets used for denial of service (DoS) or similar attacks. Internet traffic classification may also be used for website fingerprinting attacks in which an intruder analyzes encrypted traffic of a user to find behavior or usage patterns and infer the user\u27s online activities.
Protecting users\u27 online privacy against traffic classification attacks is the primary motivation of this work. This dissertation shows the effectiveness of machine learning algorithms in identifying user traffic by comparing 11 state-of-art classifiers and proposes three anonymization methods for masking generated user network traffic to counter the Internet packet classifiers. These methods are equalized packet length, equalized packet count, and equalized inter-arrival times of TCP packets. This work compares the results of these anonymization methods to show their effectiveness in reducing machine learning algorithms\u27 performance for traffic classification. The results are validated using newly generated user traffic.
Additionally, a novel model based on a generative adversarial network (GAN) is introduced to automate countering the adversarial traffic classifiers. This model, which is called GAN tunnel, generates pseudo traffic patterns imitating the distributions of the real traffic generated by actual applications and encapsulates the actual network packets into the generated traffic packets. The GAN tunnel\u27s performance is tested against random forest and extreme gradient boosting (XGBoost) traffic classifiers. These classifiers are shown not being able of detecting the actual source application of data exchanged in the GAN tunnel in the tested scenarios in this thesis
NetShaper: A Differentially Private Network Side-Channel Mitigation System
The widespread adoption of encryption in network protocols has significantly
improved the overall security of many Internet applications. However, these
protocols cannot prevent network side-channel leaks -- leaks of sensitive
information through the sizes and timing of network packets. We present
NetShaper, a system that mitigates such leaks based on the principle of traffic
shaping. NetShaper's traffic shaping provides differential privacy guarantees
while adapting to the prevailing workload and congestion condition, and allows
configuring a tradeoff between privacy guarantees, bandwidth and latency
overheads. Furthermore, NetShaper provides a modular and portable tunnel
endpoint design that can support diverse applications. We present a
middlebox-based implementation of NetShaper and demonstrate its applicability
in a video streaming and a web service application
- …