2016
DOI: 10.1109/tifs.2016.2551203
|View full text |Cite
|
Sign up to set email alerts
|

A Web Traffic Analysis Attack Using Only Timing Information

Abstract: We introduce an attack against encrypted web traffic that makes use only of packet timing information on the uplink. This attack is therefore impervious to existing packet padding defences. In addition, unlike existing approaches this timing-only attack does not require knowledge of the start/end of web fetches and so is effective against traffic streams. We demonstrate the effectiveness of the attack against both wired and wireless traffic, achieving mean success rates in excess of 90%. In addition to being o… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
33
0
2

Year Published

2017
2017
2024
2024

Publication Types

Select...
5
3
1

Relationship

1
8

Authors

Journals

citations
Cited by 58 publications
(35 citation statements)
references
References 13 publications
0
33
0
2
Order By: Relevance
“…At first glance, fingerprinting smartphone apps may seem to be a simple translation of existing work. While there are some similarities, such as end-to-end communication using IP addresses/ports, there are nuances in the type of traffic sent by smartphones and the way in which it is sent that makes traffic analysis in the realm of smartphones distinct from traffic analysis on traditional workstations [10]- [13]. With this in mind, we outline related work by first enumerating traffic analysis approaches on workstations (Section II-A), and then focusing on traffic analysis on smartphones (Section II-B).…”
Section: Related Workmentioning
confidence: 99%
“…At first glance, fingerprinting smartphone apps may seem to be a simple translation of existing work. While there are some similarities, such as end-to-end communication using IP addresses/ports, there are nuances in the type of traffic sent by smartphones and the way in which it is sent that makes traffic analysis in the realm of smartphones distinct from traffic analysis on traditional workstations [10]- [13]. With this in mind, we outline related work by first enumerating traffic analysis approaches on workstations (Section II-A), and then focusing on traffic analysis on smartphones (Section II-B).…”
Section: Related Workmentioning
confidence: 99%
“…We do not seek to conceal the fact that the client device is browsing the web, but rather to prevent an attacker from inferring which pages are being browsed. Packet timing data is a rich source of information, as discussed in more detail in Section II-B below, and in particular it is known to be sufficient to allow an attacker to infer with high probability the web page being browsed by a user [7] while in [5] it is shown that packet padding is not sufficient to hide coarse grained features such as bursts in traffic or the total size and load time of a page.…”
Section: A Threat Modelmentioning
confidence: 99%
“…The timing of packets is less adaptable, since it would have a direct impact on the performance of the web service [14]. We combine both packet size and IAT to create a two-dimensional histogram.…”
Section: A Packet Size -Interarrival Timementioning
confidence: 99%