A novel network delay based side-channel attack: Modeling and defense

Information leakage via side channels has become a primary security threat to encrypted web traffic. Existing side channel attacks and corresponding countermeasures focus primarily on packet length, packet timing, web object size and web flow size. However, we found that encrypted web traffic can also leak information via network delay between a user and the web sites that she visits. Motivated by this observation, we investigate a novel network-delay based side-channel attack to infer web sites visited by a user. The adversary can utilize pattern recognition techniques to differentiate web sites by measuring sample mean and sample variance of the round-trip time (RTT) between a victim user and web sites. We theoretically analyzed the damage caused by such an adversary and derived closed-form formulae for detection rate, the probability that the adversary correctly recognizes a web site. To defeat this side-channel attack, we proposed several countermeasures. The basic idea is to shape traffic from different web sites so that they have similar RTT statistics. We proposed the strategies based on the k-means clustering and K-Anonymity to ensure that traffic shaping will not cause excessive delay while providing a predictable degree of anonymity. We conducted extensive experiments and our empirical results match our theory very well.

[1]  Weijia Jia,et al.  A new cell counter based attack against tor , 2009, CCS.

[2]  Andreas Pfitzmann,et al.  Anonymity, Unobservability, and Pseudonymity - A Proposal for Terminology , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[3]  Douglas S. Reeves,et al.  Robust correlation of encrypted attack traffic through stepping stones by manipulation of interpacket delays , 2003, CCS '03.

[4]  Hannes Federrath,et al.  Website fingerprinting: attacking popular privacy enhancing technologies with the multinomial naïve-bayes classifier , 2009, CCSW '09.

[5]  Dawn Xiaodong Song,et al.  Timing Analysis of Keystrokes and Timing Attacks on SSH , 2001, USENIX Security Symposium.

[6]  Mun Choon Chan,et al.  Website Fingerprinting and Identification Using Ordered Feature Sequences , 2010, ESORICS.

[7]  Weijia Jia,et al.  A novel packet size based covert channel attack against anonymizer , 2011, 2011 Proceedings IEEE INFOCOM.

[8]  Xinwen Fu,et al.  DSSS-Based Flow Marking Technique for Invisible Traceback , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[9]  Peng Ning,et al.  On the secrecy of timing-based active watermarking trace-back techniques , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[10]  Sushil Jajodia,et al.  Tracking anonymous peer-to-peer VoIP calls on the internet , 2005, CCS '05.

[11]  Lili Qiu,et al.  Statistical identification of encrypted Web browsing traffic , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[12]  Charles V. Wright,et al.  Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis , 2009, NDSS.

[13]  Robert Faris,et al.  2010 Circumvention Tool Usage Report , 2011 .

[14]  David D. Jensen,et al.  Privacy Vulnerabilities in Encrypted HTTP Streams , 2005, Privacy Enhancing Technologies.

[15]  Riccardo Bettati,et al.  On Flow Correlation Attacks and Countermeasures in Mix Networks , 2004, Privacy Enhancing Technologies.

[16]  Charles V. Wright,et al.  Language Identification of Encrypted VoIP Traffic: Alejandra y Roberto or Alice and Bob? , 2007, USENIX Security Symposium.

[17]  Xiapu Luo,et al.  HTTPOS: Sealing Information Leaks with Browser-side Obfuscation of Encrypted Flows , 2011, NDSS.

[18]  Charles V. Wright,et al.  Spot Me if You Can: Uncovering Spoken Phrases in Encrypted VoIP Conversations , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[19]  Zhen Ling,et al.  Equal-Sized Cells Mean Equal-Sized Packets in Tor? , 2011, 2011 IEEE International Conference on Communications (ICC).

[20]  Brian Neil Levine,et al.  Inferring the source of encrypted HTTP connections , 2006, CCS '06.

[21]  Rui Wang,et al.  Side-Channel Leaks in Web Applications: A Reality Today, a Challenge Tomorrow , 2010, 2010 IEEE Symposium on Security and Privacy.