2011
DOI: 10.4236/ait.2011.12003
|View full text |Cite
|
Sign up to set email alerts
|

Side-Channel Analysis for Detecting Protocol Tunneling

Abstract: Protocol tunneling is widely used to add security and/or privacy to Internet applications. Recent research has exposed side channel vulnerabilities that leak information about tunneled protocols. We first discuss the timing side channels that have been found in protocol tunneling tools. We then show how to infer Hidden Markov models (HMMs) of network protocols from timing data and use the HMMs to detect when protocols are active. Unlike previous work, the HMM approach we present requires no a priori knowledge … Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1

Citation Types

0
4
0

Year Published

2014
2014
2022
2022

Publication Types

Select...
2
2
1

Relationship

0
5

Authors

Journals

citations
Cited by 7 publications
(4 citation statements)
references
References 19 publications
(50 reference statements)
0
4
0
Order By: Relevance
“…In an interactive SSH session, users' keystroketiming data are associated with inter-packet delays. In [20], the inter-packet delays are used to determine the language used by the victim. This is achieved by comparing the observed data with the HMM of known languages.…”
Section: Identify the Language Being Typed In An Ssh Sessionmentioning
confidence: 99%
See 2 more Smart Citations
“…In an interactive SSH session, users' keystroketiming data are associated with inter-packet delays. In [20], the inter-packet delays are used to determine the language used by the victim. This is achieved by comparing the observed data with the HMM of known languages.…”
Section: Identify the Language Being Typed In An Ssh Sessionmentioning
confidence: 99%
“…Markov models have been widely used for detecting patterns [33,36,7,4,24,25,15,17]. The premise behind a Markov models is that the current state only depends on the previous state and that transition probabilities are stationary.…”
Section: Introductionmentioning
confidence: 99%
See 1 more Smart Citation
“…Side-channels extract information by observing implementation artifacts. For example, a timing side-channel vulnerability for SSH has been used to extract the system password from interactive sessions and detect the protocols being used within the encrypted communications [24]. In [25] researchers found that it is possible to detect PMU measurement sessions even when a VPN encrypts the traffic.…”
Section: E Side Channel Attackmentioning
confidence: 99%