论文信息 - On the Reliability of Current Generation Network Eavesdropping Tools

On the Reliability of Current Generation Network Eavesdropping Tools

This paper analyzes the problem of interception of Internet traffic from the eavesdropper's point of view. We examine the reliability and accuracy of transcripts, and show that obtaining "high fidelity" transcripts is harder than previously assumed. Even in highly favorable situations, such as capturing unencrypted traffic using standard protocols, simple -and entirely unilateral -countermeasures are shown to be sufficient to prevent accurate traffic analysis in many Internet interception configurations. In particular, these countermeasures were successful against every available eavesdropping system we tested. Central to our approach is a new class of techniques that we call confusion, which, unlike cryptography or steganography, does not require cooperation by the communicating parties and, in some case, can be employed entirely by a third party not involved in the communication at all.

[1] Vern Paxson,et al. A high-level programming environment for packet trace anonymization and transformation , 2003, SIGCOMM '03.

[2] Nick Mathewson,et al. Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[3] Michael K. Reiter,et al. Crowds: anonymity for Web transactions , 1998, TSEC.

[4] Micah Sherr,et al. The Eavesdropper's Dilemma , 2006 .

[5] Micah Sherr,et al. Listen Too Closely and You May Be Confused , 2005, Security Protocols Workshop.

[6] Vern Paxson,et al. Active mapping: resisting NIDS evasion without altering traffic , 2003, 2003 Symposium on Security and Privacy, 2003..

[7] Gilles Brassard,et al. Experimental Quantum Cryptography , 1990, EUROCRYPT.

[8] Thomas Henry Ptacek,et al. Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection , 1998 .

[9] Jon Postel,et al. Internet Protocol , 1981, RFC.

[10] R. Walgate. Tale of two cities , 1984, Nature.

[11] Micah Sherr,et al. Signaling vulnerabilities in wiretapping systems , 2005, IEEE Security & Privacy Magazine.

[12] Gustavus J. Simmons,et al. The Prisoners' Problem and the Subliminal Channel , 1983, CRYPTO.

[13] Vern Paxson,et al. Bro: a system for detecting network intruders in real-time , 1998, Comput. Networks.

[14] Steven M. Bellovin,et al. Wiretapping the Net , 2000 .

[15] Matt Blaze,et al. Tapping on my network door , 2000, CACM.