OPriv: Optimizing Privacy Protection for Network Traffic

Statistical traffic analysis has absolutely exposed the privacy of supposedly secure network traffic, proving that encryption is not effective anymore. In this work, we present an optimal countermeasure to prevent an adversary from inferring users’ online activities, using traffic analysis. First, we formulate analytically a constrained optimization problem to maximize network traffic obfuscation while minimizing overhead costs. Then, we provide OPriv, a practical and efficient algorithm to solve dynamically the non-linear programming (NLP) problem, using Cplex optimization. Our heuristic algorithm selects target applications to mutate to and the corresponding packet length, and subsequently decreases the security risks of statistical traffic analysis attacks. Furthermore, we develop an analytical model to measure the obfuscation system’s resilience to traffic analysis attacks. We suggest information theoretic metrics for quantitative privacy measurement, using entropy. The full privacy protection of OPriv is assessed through our new metrics, and then through extensive simulations on real-world data traces. We show that our algorithm achieves strong privacy protection in terms of traffic flow information without impacting the network performance. We are able to reduce the accuracy of a classifier from 91.1% to 1.42% with only 0.17% padding overhead.

[1]  Charles V. Wright,et al.  Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis , 2009, NDSS.

[2]  Domenico Ciuonzo,et al.  A Dive into the Dark Web: Hierarchical Traffic Classification of Anonymity Tools , 2020, IEEE Transactions on Network Science and Engineering.

[3]  Imad H. Elhajj,et al.  A review on machine learning–based approaches for Internet traffic classification , 2020, Annals of Telecommunications.

[4]  Yaser Jararweh,et al.  An intrusion detection system for connected vehicles in smart cities , 2019, Ad Hoc Networks.

[5]  Imad H. Elhajj,et al.  Network Obfuscation for Net Worth Security , 2020, 2020 Seventh International Conference on Software Defined Systems (SDS).

[6]  Optimal Packet Camouflage Against Traffic Analysis , 2021, ACM Transactions on Privacy and Security.

[7]  Fabian Monrose,et al.  Phonotactic Reconstruction of Encrypted VoIP Conversations: Hookt on Fon-iks , 2011, 2011 IEEE Symposium on Security and Privacy.

[8]  Christian Callegari,et al.  A Methodological Overview on Anomaly Detection , 2013, Data Traffic Monitoring and Analysis.

[9]  Wei Wang,et al.  Dependent link padding algorithms for low latency anonymity systems , 2008, CCS.

[10]  R. A. Leibler,et al.  On Information and Sufficiency , 1951 .

[11]  Erhan Guven,et al.  A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection , 2016, IEEE Communications Surveys & Tutorials.

[12]  Vitaly Shmatikov,et al.  Timing Analysis in Low-Latency Mix Networks: Attacks and Defenses , 2006, ESORICS.

[13]  Marco Mellia,et al.  A Survey on Big Data for Network Traffic Monitoring and Analysis , 2019, IEEE Transactions on Network and Service Management.

[14]  Andrea Baiocchi,et al.  From ideality to practicability in statistical packet features masking , 2012, 2012 8th International Wireless Communications and Mobile Computing Conference (IWCMC).

[15]  Seyed Pooya Shariatpanahi,et al.  A Dummy-Based Approach for Preserving Source Rate Privacy , 2016, IEEE Transactions on Information Forensics and Security.

[16]  Yuan-Cheng Lai,et al.  Evasion Techniques: Sneaking through Your Intrusion Detection/Prevention Systems , 2012, IEEE Communications Surveys & Tutorials.

[17]  Fan Zhang,et al.  Thwarting Wi-Fi Side-Channel Analysis through Traffic Demultiplexing , 2014, IEEE Transactions on Wireless Communications.

[18]  Matthew K. Wright,et al.  Timing Attacks in Low-Latency Mix Systems (Extended Abstract) , 2004, Financial Cryptography.

[19]  Cedric Baudoin,et al.  Towards the Deployment of Machine Learning Solutions in Network Traffic Classification: A Systematic Survey , 2019, IEEE Communications Surveys & Tutorials.

[20]  Florian Dörfler,et al.  Attack Detection and Identification in Cyber-Physical Systems -- Part II: Centralized and Distributed Monitor Design , 2012, ArXiv.

[21]  Gürkan Gür,et al.  JESS: Joint Entropy-Based DDoS Defense Scheme in SDN , 2018, IEEE Journal on Selected Areas in Communications.

[22]  Chen Yang,et al.  Anomaly network traffic detection algorithm based on information entropy measurement under the cloud computing environment , 2018, Cluster Computing.

[23]  Pavel Celeda,et al.  A survey of methods for encrypted traffic classification and analysis , 2015, Int. J. Netw. Manag..

[24]  Parth H. Pathak,et al.  Privacy-aware contextual localization using network traffic analysis , 2017, Comput. Networks.

[25]  Fu Miao,et al.  Concurrent multipath traffic impersonating for enhancing communication privacy , 2014, Int. J. Commun. Syst..

[26]  Brian Neil Levine,et al.  Inferring the source of encrypted HTTP connections , 2006, CCS '06.

[27]  Imad H. Elhajj,et al.  AdaptiveMutate: a technique for privacy preservation , 2019, Digit. Commun. Networks.

[28]  C. E. SHANNON,et al.  A mathematical theory of communication , 1948, MOCO.

[29]  Jingfeng Xue,et al.  Detecting anomalous traffic in the controlled network based on cross entropy and support vector machine , 2019, IET Inf. Secur..

[30]  Mike Perry,et al.  Toward an Efficient Website Fingerprinting Defense , 2015, ESORICS.