A Low-Cost Side Channel Traffic Analysis Attack in Packet Networks

This paper presents a nefarious low-cost traffic analysis attack in packet-based networks, such as the Internet. The attack is mountable in any scenario where a shared routing resource exists among users. A real-world attack successfully compromised the privacy of a user without requiring significant resources in terms of access, memory, or computational power. The effectiveness of our attack is demonstrated in a scenario where the user’s DSL router uses FCFS scheduling policy. Specifically, we show that by using a low-rate string of pings, a remote attacker can obtain significant traffic-timing and volume information about a particular user, just by observing the round trip time of the pings. We also observe that even when the scheduling policy is changed to round-robin, while the correlation reduces significantly, the attacker can still reliably deduce user’s traffic pattern. Most of the router scheduling policies designed to date are evaluated mostly on the metrics of throughput, delay and fairness. Our work is aimed to demonstrate a need for considering an additional metric of performance, the anonymity between the individual traffic flows through the router.

[1]  Charles V. Wright,et al.  Spot Me if You Can: Uncovering Spoken Phrases in Encrypted VoIP Conversations , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[2]  Christopher Allen,et al.  The TLS Protocol Version 1.0 , 1999, RFC.

[3]  Roger Dingledine,et al.  A Practical Congestion Attack on Tor Using Long Paths , 2009, USENIX Security Symposium.

[4]  M. Frans Kaashoek,et al.  A measurement study of available bandwidth estimation tools , 2003, IMC '03.

[5]  Brian Neil Levine,et al.  Inferring the source of encrypted HTTP connections , 2006, CCS '06.

[6]  David D. Jensen,et al.  Privacy Vulnerabilities in Encrypted HTTP Streams , 2005, Privacy Enhancing Technologies.

[7]  Anton Stiglic,et al.  Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems , 2001, Information Hiding.

[8]  George Danezis,et al.  Low-cost traffic analysis of Tor , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[9]  Angelos D. Keromytis,et al.  Identifying Proxy Nodes in a Tor Anonymization Circuit , 2008, 2008 IEEE International Conference on Signal Image Technology and Internet Based Systems.