SWIRL: A Scalable Watermark to Detect Correlated Network Flows

Proceedings of the Symposium on Network and Distributed System Security, NDSS 2011

Volumn , Issue , 2011, Pages

  Houmansadr, Amir ^a   Borisov, Nikita ^a  

^a University of Illinois at Urbana Champaign   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

NETWORK SECURITY; TRAFFIC CONGESTION; WATERMARKING;

FLOW BYES; FLOW CORRELATION; LARGE-SCALES; MULTI FLOWS; NETWORK JITTER; NETWORKS FLOWS; PACKETS LOSS; SCALABLE APPROACH; TRAFFIC ANALYSIS; TRAFFIC-ANALYSIS TECHNIQUES;

PACKET LOSS;

EID: 85180621070     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (25)

1. A. Back, U. Möller, and A. Stiglic. Traffic analysis attacks and trade-offs in anonymity providing systems. In I. S. Moskowitz, editor, Information Hiding, volume 2137 of Lecture Notes in Computer Science, pages 245–247. Springer, Apr. 2001.
2. A. Bavier, M. Bowman, B. Chun, D. Culler, S. Karlin, S. Muir, L. Peterson, T. Roscoe, T. Spalink, and M. Wawrzoniak. Operating systems support for planetary-scale network services. In R. Morris and S. Savage, editors, Symposium on Networked Systems Design and Implementation, pages 253–266. USENIX, Mar. 2004.
3. A. Blum, D. X. Song, and S. Venkataraman. Detection of interactive stepping stones: Algorithms and confidence bounds. In E. Jonsson, A. Valdes, and M. Almgren, editors, International Symposium on Recent Advances in Intrusion Detection, volume 3224 of Lecture Notes in Computer Science, pages 258–277. Springer, Sept. 2004.
4. G. Danezis. The traffic analysis of continuous-time mixes. In D. Martin and A. Serjantov, editors, Workshop on Privacy Enhancing Technologies, volume 3424 of Lecture Notes in Computer Science, pages 35–50. Springer, May 2004.
5. R. Dingledine, N. Mathewson, and P. F. Syverson. Tor: The second-generation onion router. In M. Blaze, editor, USENIX Security Symposium, pages 303–320, Aug. 2004.
6. D. Donoho, A. Flesia, U. Shankar, V. Paxson, J. Coit, and S. Staniford. Multiscale stepping-stone detection: detecting pairs of jittered interactive streams by exploiting maximum tolerable delay. In A. Wespi, G. Vigna, and L. Deri, editors, International Symposium on Recent Advances in Intrusion Detection, volume 2516 of Lecture Notes in Computer Science, pages 17–35. Springer, Oct. 2002.
7. N. Evans, R. Dingledine, and C. Grothoff. A practical congestion attack on Tor using long paths. In F. Monrose, editor, USENIX Security Symposium, pages 33–50. USENIX, Aug. 2009.
8. S. Gianvecchio and H. Wang. Detecting covert timing channels: an entropy-based approach. In P. Ning, S. D. C. di Vimercati, and P. F. Syverson, editors, ACM Conference on Computer and Communications Security, pages 307–316. ACM, Oct. 2007.
9. A. Houmansadr, N. Kiyavash, and N. Borisov. RAINBOW: A robust and invisible non-blind watermark for network flows. In G. Vigna, editor, Network and Distributed System Security Symposium. Internet Society, Feb. 2009.
10. N. Kiyavash, A. Houmansadr, and N. Borisov. Multiflow attacks against network flow watermarking schemes. In P. van Oorschot, editor, USENIX Security Symposium. USENIX, July 2008.
11. S. Murdoch and G. Danezis. Low-cost traffic analysis of tor. In V. Paxson and M. Waidner, editors, IEEE Symposium on Security and Privacy. IEEE Computer Society, May 2005.
12. S. Murdoch and R. Watson. Metrics for security and performance in low-latency anonymity systems. In N. Borisov and I. Goldberg, editors, Privacy Enhancing Technologies Symposium, volume 5134 of Lecture Notes in Computer Science, pages 115–132. Springer, July 2008.
13. P. Peng, P. Ning, and D. S. Reeves. On the secrecy of timing-based active watermarking trace-back techniques. In V. Paxson and B. Pfitzmann, editors, IEEE Symposium on Security and Privacy, pages 334–349. IEEE Computer Society Press, May 2006.
14. B. Pfitzmann and P. McDaniel, editors. IEEE Symposium on Security and Privacy. IEEE Computer Society, May 2007.
15. Y. Pyun, Y. Park, X. Wang, D. S. Reeves, and P. Ning. Tracing traffic through intermediate hosts that repacketize flows. In G. Kesidis, E. Modiano, and R. Srikant, editors, IEEE Conference on Computer Communications (INFOCOM), pages 634–642. IEEE Communications Society, May 2007.
16. J.-F. Raymond. Traffic analysis: protocols, attacks, design issues, and open problems. In H. Federrath, editor, International Workshop on Designing Privacy Enhancing Technologies, volume 2009 of Lecture Notes on Computer Science, pages 10–29. Springer, July 2000.
17. S. Staniford-Chen and L. T. Heberlein. Holding intruders accountable on the Internet. In C. Meadows and J. McHugh, editors, IEEE Symposium on Security and Privacy, pages 39–49. IEEE Computer Society Press, May 1995.
18. C. Walsworth, E. Aben, kc claffy, and D. Andersen. The CAIDA anonymized 2009 Internet traces—January. http://www.caida.org/data/passive/passive_2009_dataset.xml, Mar. 2009.
19. X. Wang, S. Chen, and S. Jajodia. Network flow watermarking attack on low-latency anonymous communication systems. In Pfitzmann and McDaniel [14], pages 116–130.
20. X. Wang, D. Reeves, and S. F. Wu. Inter-packet delay based correlation for tracing encrypted connections through stepping stones. In D. Gollmann, G. Karjoth, and M. Waidner, editors, European Symposium on Research in Computer Security, volume 2502 of Lecture Notes in Computer Science, pages 244–263. Springer, Oct. 2002.
21. X. Wang and D. S. Reeves. Robust correlation of encrypted attack traffic through stepping stones by manipulation of interpacket delays. In V. Atluri, editor, ACM Conference on Computer and Communications Security, pages 20–29. ACM, 2003.
22. R. Wendolsky, D. Herrmann, and H. Federrath. Performance comparison of low-latency anonymisation services from a user perspective. In N. Borisov and P. Golle, editors, Privacy Enhancing Technologies Symposium, volume 4776 of Lecture Notes in Computer Science, pages 233–253. Springer, June 2007.
23. K. Yoda and H. Etoh. Finding a connection chain for tracing intruders. In F. Cuppens, Y. Deswarte, D. Gollmann, and M. Waidner, editors, European Symposium on Research in Computer Security, volume 1895 of Lecture Notes in Computer Science, pages 191–205. Springer, Oct. 2000.
24. W. Yu, X. Fu, S. Graham, D.Xuan, and W. Zhao. DSSSbased flow marking technique for invisible traceback. In Pfitzmann and McDaniel [14], pages 18–32.
25. Y. Zhang and V. Paxson. Detecting stepping stones. In S. Bellovin and G. Rose, editors, USENIX Security Symposium, pages 171–184. USENIX, Aug. 2000.