Active traffic analysis attacks and countermeasures

Proceedings - 2003 International Conference on Computer Networks and Mobile Computing, ICCNMC 2003

Volumn , Issue , 2003, Pages 31-39

  Fu, Xinwen ^a   Graham, B ^a   Bettati, R ^a   Zhao, Wei ^a  

^a TEXAS A AND M UNIVERSITY   (United States)

Author keywords

Entropy; Information analysis; Information security; Internet; Mission critical systems; Pattern analysis; Payloads; Statistical analysis; Telecommunication traffic; Wire

Indexed keywords

ENTROPY; INFORMATION ANALYSIS; INTERNET; MOBILE COMPUTING; SECURITY OF DATA; STATISTICAL METHODS; TELECOMMUNICATION TRAFFIC; WIRE;

MISSION CRITICAL; MISSION CRITICAL APPLICATIONS; MISSION CRITICAL SYSTEMS; PATTERN ANALYSIS; PAYLOADS; ROUND-TRIP TIME; STATISTICAL PATTERN RECOGNITION; TRAFFIC ANALYSIS ATTACKS;

PATTERN RECOGNITION;

EID: 84946149882     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ICCNMC.2003.1243024     Document Type: Conference Paper

References (35)

1. Onion Routing Development Achives. Link padding and the intersection attack. http://archives.seul.org/or/dev/Aug-2002/msg00004.html, 8 2002.
2. Rebecca Gurley Bace. Intrusion Detection. Que, 1 edition, 1999.
3. P. Baran. On distributed communications: Ix security, secrecy, and tamper-free considerations. Memo RM-3765-PR, Rand Corp., Aug. 1964.
4. CAIDA. Packet sizes and sequencing. http://www.caida.org/outreach/resources/learn/packetsizes/, June 2002.
5. D. L. Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, 24(2), Feb. 1981.
6. K. claffy, G. Miller, and K. Thompson. the nature of the beast: recent traffic measurements from an internet backbone. Proceedings of ISOC INET '98, July 1998.
7. Ralph B. D'Agostino and Michael A. Stephens. Goodness-of-fit techniques. Marcel Dekker, inc., 1986.
8. R.O.Duda and P.E.Hart. Pattern Classification. John Wiley & Sons, 2001.
9. Edward W. Felten and Michael A. Schneider. Timing attacks on web privacy. ACM Conference on Computer and Communications Security (CCS), 2000.
10. Xinwen Fu, Bryan Graham, Riccardo Bettati, and Wei Zhao. On effectiveness of link padding for statistical traffic analysis attacks. ICDCS, 2003.
11. Y. Guan, X. Fu, D. Xuan, P. U. Shenoy, R. Bettati, and W. Zhao. Netcamo: Camouflaging network traffic for qos-guaranteed critical allplications. In IEEE Transactions on Systems, Man, and Cybernetics Part A: Systems and Humans, Special Issue on Information Assurance, volume 31 of 4, pages 253-265, July 2001.
12. Andrew Hintz. Fingerprinting websites using traffic analysis. http://guh.nu/projects/ta/safeweb/safeweb.html, 2002.
13. John D. Howard. An analysis of security incidents on the internet 1989-1995. PHD dissertation, CMU, 1997.
14. SafeWeb inc. Safeweb. http://www.safewebinc.com/, 2002.
15. A. K. Jain, R. P. W. Duin, and J. Mao. Statistical pattern recognition: A review. IEEE Transactions on Pattern Analysis and Machine Intelligence, 22(1):4-37, 2000.
16. Ulf Lindqvist and Erland Jonsson. How to systematically classify computer security intrusions. Proceedings of the IEEE Symposium on Security and Privacy, 1997.
17. R. Moddemeijer. On estimation of entropy and mutual information of continuous distributions. Signal Processing, 16(3):233-246, 1989.
18. D. Moore, V. Paxson, S. Savage, C. Shannon, S. Staniford, and N. Weaver. The spread of the sapphire/slammer worm. CAIDA, ICSI, Silicon Defense, UC Berkeley EECS and UC San Diego CSE, 2003.
19. The netfilter/iptables project. Netfilter. http://netfilter.samba.org/, 2003.
20. R. E. Newman-Wolfe and B. R. Venkatraman. High level prevention of traffic analysis. Computer Security Applications Conference, Seventh Annual, pages 102-109, 1991.
21. R. E. Newman-Wolfe and B. R. Venkatraman. Performance analysis of a method for high level prevention of traffic analysis. Computer Security Applications Conference, Eighth Annual, pages 123-130, 1992.
22. NIST/SEMATECH. Handbook of statistical methods. http://www.itl.nist.gov/div898/handbook/eda/section3/boxplot.htm, 2003.
23. Marconi Corporation plc. Esr-5000 and esr-6000 enterprise switch routers. http://www.marconi.com/html/products/esr50006000.htm, 2003.
24. J. Raymond. Traffic analysis: Protocols, attacks, design issues and open problems. In H. Federrath, editor, Designing Privacy Enhancing Technologies: Proceedings of International Workshop on Design Issues in Anonymity and Unobservability, volume 2009 of LNCS, pages 10-29. Springer-Verlag, 2001.
25. C. E. Shannon. Communication theory of secrecy systems. Bell Sys. Tech. J., 28:656-715, 1949.
26. B. W. Silverman. Density estimation for statistics and data analysis. Chapman and Hall, London, New York, 1986.
27. D. X. Song, D. Wagner, and X. Tian. Timing analysis of keystrokes and timing attacks on ssh. 10th USENIX Security Symposium, 2001.
28. Qixiang Sun, Daniel R. Simon, Yimin Wang, Wilf Russell, Venkata N. Padmanabhan, and Lili Qiu. Statistical identification of encrypted web browsing traffic. IEEE Symposium on Security and Privacy, 2002.
29. P. F. Syverson, D. M. Goldschlag, and M. G. Reed. Anonymous connections and onion routing. In IEEE Symposium on Security and Privacy, pages 44-54, Oakland, California, 4-7 1997.
30. Agilent Technologies. Agilent j6841a network analyzer software. http://onenetworks.comms.agilent.com/NetworkAnalyzer/J6841A.asp, March 2002.
31. TimeSys. Timesys linux docs. http://www.timesys.com/index.cfm?hdr=home-header.cfm&bdy=home-bdy-library.cfm, 2003.
32. Brenda Timmerman. a security model for dynamic adaptive traffic masking. New Security Paradigms Workshop, 1997.
33. B. R. Venkatraman and R. E. Newman-Wolfe. Performance analysis of a method for high level prevention of traffic analysis using measurements from a campus network. Computer Security Applications Conference, 10th Annual, pages 288-297, 1994.
34. V. Voydoc and S. Kent. Security mechanisms in highlevel network protocols. ACM Computing Surveys, pages 135-171, 1983.
35. Andrew Webb. Statistical Pattern Recognition. John Wiley & Sons, ltd., second edition, 2002.