2012 IEEE Symposium on Security and Privacy 2012
DOI: 10.1109/sp.2012.28
|View full text |Cite
|
Sign up to set email alerts
|

Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail

Abstract: We consider the setting of HTTP traffic over encrypted tunnels, as used to conceal the identity of websites visited by a user. It is well known that traffic analysis (TA) attacks can accurately identify the website a user visits despite the use of encryption, and previous work has looked at specific attack/countermeasure pairings. We provide the first comprehensive analysis of general-purpose TA countermeasures. We show that nine known countermeasures are vulnerable to simple attacks that exploit coarse featur… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
2

Citation Types

5
329
1
3

Year Published

2015
2015
2019
2019

Publication Types

Select...
3
2
2

Relationship

0
7

Authors

Journals

citations
Cited by 374 publications
(338 citation statements)
references
References 16 publications
5
329
1
3
Order By: Relevance
“…Link-padding has been used for traffic morphing to cause confusion in the classifier by disguising the target page fingerprint as that of another page [32]. However, as Dyer et al note [9], traffic morphing techniques produce high bandwidth overheads as some packets must be buffered for a long period. The strategy we follow in ALPaCA is different from traffic morphing in that page contents are not disguised as other pages', but rather the content is modified to become less fingerprintable.…”
Section: Defensesmentioning
confidence: 99%
See 3 more Smart Citations
“…Link-padding has been used for traffic morphing to cause confusion in the classifier by disguising the target page fingerprint as that of another page [32]. However, as Dyer et al note [9], traffic morphing techniques produce high bandwidth overheads as some packets must be buffered for a long period. The strategy we follow in ALPaCA is different from traffic morphing in that page contents are not disguised as other pages', but rather the content is modified to become less fingerprintable.…”
Section: Defensesmentioning
confidence: 99%
“…In 2012, Dyer et al presented BuFLO [9], a defense based on constant-rate link-padding. Although BuFLO is a proof-of-concept defense and has high bandwidth overheads, other defenses have been developed from the original BuFLO design.…”
Section: Defensesmentioning
confidence: 99%
See 2 more Smart Citations
“…Given that bandwidth and latency increases come at a cost to usability and deployability, these defenses must strive for a trade-off between security and performance overheads. Unfortunately, the state-of-the-art link-padding defenses are not acceptable for use in Tor: they increase latency, delaying page loads between two and four times and impose bandwidth overheads between 40% [4] and 350% [8] on average.…”
Section: Introductionmentioning
confidence: 99%