Traffic Morphing: An efficient defense against statistical traffic analysis

Traffic Morphing: An efficient defense against statistical traffic analysis. Wright, C., Coull, S., & Monrose, F. February 2009.
abstract bibtex

Recent work has shown that properties of network traffic that remain observable after encryption, namely packet sizes and timing, can reveal surprising information about the traffic\textquoterights contents (e.g., the language of a VoIP call [29], passwords in secure shell logins [20], or even web browsing habits [21, 14]). While there are some legitimate uses for encrypted traffic analysis, these techniques also raise important questions about the privacy of encrypted communications. A common tactic for mitigating such threats is to pad packets to uniform sizes or to send packets at fixed timing intervals; however, this approach is often inefficient. In this paper, we propose a novel method for thwarting statistical traffic analysis algorithms by optimally morphing one class of traffic to look like another class. Through the use of convex optimization techniques, we show how to optimally modify packets in real-time to reduce the accuracy of a variety of traffic classifiers while incurring much less overhead than padding. Our evaluation of this technique against two published traffic classifiers for VoIP [29] and web traffic [14] shows that morphing works well on a wide range of network data\textemdashin some cases, simultaneously providing better privacy and lower overhead than na\textasciidieresis\ive defenses.

@conference {morphing09,
	title = {Traffic Morphing: An efficient defense against statistical traffic analysis},
	booktitle = {Proceedings of the Network and Distributed Security Symposium - {NDSS} {\textquoteright}09},
	year = {2009},
	month = {February},
	publisher = {IEEE},
	organization = {IEEE},
	abstract = {Recent work has shown that properties of network traffic that remain observable after encryption, namely packet sizes and timing, can reveal surprising information about the traffic{\textquoteright}s contents (e.g., the language of a VoIP call [29], passwords in secure shell logins [20], or even web browsing habits [21, 14]). While there are some legitimate uses for encrypted traffic analysis, these techniques also raise important questions about the privacy of encrypted communications. A common tactic for
mitigating such threats is to pad packets to uniform sizes or to send packets at fixed timing intervals; however, this approach is often inefficient. In this paper, we propose a novel method for thwarting statistical traffic analysis
algorithms by optimally morphing one class of traffic to look like another class. Through the use of convex optimization
techniques, we show how to optimally modify packets in real-time to reduce the accuracy of a variety of traffic classifiers while incurring much less overhead than padding. Our evaluation of this technique against two published traffic classifiers for VoIP [29] and web traffic [14] shows that morphing works well on a wide range of network data{\textemdash}in some cases, simultaneously providing better privacy and lower overhead than na{\textasciidieresis}{\i}ve defenses.},
	keywords = {privacy, traffic analysis, VoIP},
	author = {Charles Wright and Scott Coull and Fabian Monrose}
}

Downloads: 0

{"_id":"vy36RWtLTJuwxrc9m","bibbaseid":"wright-coull-monrose-trafficmorphinganefficientdefenseagainststatisticaltrafficanalysis-2009","downloads":0,"creationDate":"2018-07-03T04:50:27.878Z","title":"Traffic Morphing: An efficient defense against statistical traffic analysis","author_short":["Wright, C.","Coull, S.","Monrose, F."],"year":2009,"bibtype":"conference","biburl":"https://gnunet.org/bibliography/export/bibtex","bibdata":{"bibtype":"conference","type":"conference","title":"Traffic Morphing: An efficient defense against statistical traffic analysis","booktitle":"Proceedings of the Network and Distributed Security Symposium - NDSS \\textquoteright09","year":"2009","month":"February","publisher":"IEEE","organization":"IEEE","abstract":"Recent work has shown that properties of network traffic that remain observable after encryption, namely packet sizes and timing, can reveal surprising information about the traffic\\textquoterights contents (e.g., the language of a VoIP call [29], passwords in secure shell logins [20], or even web browsing habits [21, 14]). While there are some legitimate uses for encrypted traffic analysis, these techniques also raise important questions about the privacy of encrypted communications. A common tactic for mitigating such threats is to pad packets to uniform sizes or to send packets at fixed timing intervals; however, this approach is often inefficient. In this paper, we propose a novel method for thwarting statistical traffic analysis algorithms by optimally morphing one class of traffic to look like another class. Through the use of convex optimization techniques, we show how to optimally modify packets in real-time to reduce the accuracy of a variety of traffic classifiers while incurring much less overhead than padding. Our evaluation of this technique against two published traffic classifiers for VoIP [29] and web traffic [14] shows that morphing works well on a wide range of network data\\textemdashin some cases, simultaneously providing better privacy and lower overhead than na\\textasciidieresis\\ive defenses.","keywords":"privacy, traffic analysis, VoIP","author":[{"firstnames":["Charles"],"propositions":[],"lastnames":["Wright"],"suffixes":[]},{"firstnames":["Scott"],"propositions":[],"lastnames":["Coull"],"suffixes":[]},{"firstnames":["Fabian"],"propositions":[],"lastnames":["Monrose"],"suffixes":[]}],"bibtex":"@conference {morphing09,\n\ttitle = {Traffic Morphing: An efficient defense against statistical traffic analysis},\n\tbooktitle = {Proceedings of the Network and Distributed Security Symposium - {NDSS} {\\textquoteright}09},\n\tyear = {2009},\n\tmonth = {February},\n\tpublisher = {IEEE},\n\torganization = {IEEE},\n\tabstract = {Recent work has shown that properties of network traffic that remain observable after encryption, namely packet sizes and timing, can reveal surprising information about the traffic{\\textquoteright}s contents (e.g., the language of a VoIP call [29], passwords in secure shell logins [20], or even web browsing habits [21, 14]). While there are some legitimate uses for encrypted traffic analysis, these techniques also raise important questions about the privacy of encrypted communications. A common tactic for\r\nmitigating such threats is to pad packets to uniform sizes or to send packets at fixed timing intervals; however, this approach is often inefficient. In this paper, we propose a novel method for thwarting statistical traffic analysis\r\nalgorithms by optimally morphing one class of traffic to look like another class. Through the use of convex optimization\r\ntechniques, we show how to optimally modify packets in real-time to reduce the accuracy of a variety of traffic classifiers while incurring much less overhead than padding. Our evaluation of this technique against two published traffic classifiers for VoIP [29] and web traffic [14] shows that morphing works well on a wide range of network data{\\textemdash}in some cases, simultaneously providing better privacy and lower overhead than na{\\textasciidieresis}{\\i}ve defenses.},\n\tkeywords = {privacy, traffic analysis, VoIP},\n\tauthor = {Charles Wright and Scott Coull and Fabian Monrose}\n}\n","author_short":["Wright, C.","Coull, S.","Monrose, F."],"key":"morphing09","id":"morphing09","bibbaseid":"wright-coull-monrose-trafficmorphinganefficientdefenseagainststatisticaltrafficanalysis-2009","role":"author","urls":{},"keyword":["privacy","traffic analysis","VoIP"],"downloads":0},"search_terms":["traffic","morphing","efficient","defense","against","statistical","traffic","analysis","wright","coull","monrose"],"keywords":["privacy","traffic analysis","voip"],"authorIDs":[],"dataSources":["FWsPTwsmjtrBtRS3B"]}