Withdraw
Loading…
Timing channels in traffic analysis
Gong, Xun
Loading…
Permalink
https://hdl.handle.net/2142/50541
Description
- Title
- Timing channels in traffic analysis
- Author(s)
- Gong, Xun
- Issue Date
- 2014-09-16
- Director of Research (if dissertation) or Advisor (if thesis)
- Kiyavash, Negar
- Doctoral Committee Chair(s)
- Kiyavash, Negar
- Committee Member(s)
- Borisov, Nikita
- Caesar, Matthew C.
- Veeravalli, Venugopal V.
- Department of Study
- Electrical & Computer Eng
- Discipline
- Electrical & Computer Engr
- Degree Granting Institution
- University of Illinois at Urbana-Champaign
- Degree Name
- Ph.D.
- Degree Level
- Dissertation
- Keyword(s)
- privacy and anonymity
- network security
- information theory
- Abstract
- "We study two timing channel problems abstracted from practices of network traffic analysis. The first timing channel exists in a router receiving packets from two users; due to the sharing of router buffer, queuing delays of one user's packets incidentally convey information about the other user's packet arrival pattern. We demonstrate the feasibility of such a channel in reality by devising a remote traffic analysis attack on home broadband users. In particular, we implement a website detection attack that exploits a timing side channel in the user's DSL router, and show that adversaries can learn sufficient information pertaining to the user's activities on the web by sending probes from a far-off vantage point. To investigate performances of timing side channels in general systems with a shared queue, we consider a job scheduler serving a regular user and a malicious attacker, and quantify information leakage using a Shannon mutual information based metric. Our analysis reveals the fundamental privacy flaw of the class of deterministic work-conserving schedulers, such as longest-queue-first (LQF), first-come-fist-serve (FCFS), and round robin; we show that the attacker always learns half of a low-rate user's arrival pattern. We also study the usage of a shared queue for covert communication by considering a timing covert channel scenario, where one user of the scheduler encodes a message in job-issuing times and the other user decodes this message from job queuing delays. Formulating this as a conventional communication channel problem, we derive the channel capacities for common schedulers. The second timing channel studied is the timing stenographic channel arising in network flow watermarking, a technique with applications in attacking low-latency anonymous networks and detecting stepping stones. By injecting an ``invisible"" timing pattern (namely the watermark) in a packet flow, one can stealthily track the path of the flow in the network. Earlier flow watermarking schemes mostly considered substitution errors, neglecting the effects of packet insertions and deletions that commonly happen within a network. More recent schemes considered packet deletions but often at the expense of the watermark visibility. We present an invisible flow watermarking scheme capable of enduring a large number of packet losses and insertions. We model the watermarking embedding/decoding processes as a timing stenographic channel with dependent substitution, deletion and bursty insertion errors, and propose a reliable watermark decoding scheme by formulating the watermark decoding as an estimation problem. To maintain visibility, our scheme embeds the watermark into inter-packet delays, as opposed to time intervals including many packets. Experimental results on both synthetic and real network traces demonstrate that our scheme is robust to network jitter, packet drops and splits, while remaining invisible to an attacker."
- Graduation Semester
- 2014-08
- Permalink
- http://hdl.handle.net/2142/50541
- Copyright and License Information
- Copyright 2014 Xun Gong
Owning Collections
Graduate Dissertations and Theses at Illinois PRIMARY
Graduate Theses and Dissertations at IllinoisDissertations and Theses - Electrical and Computer Engineering
Dissertations and Theses in Electrical and Computer EngineeringManage Files
Loading…
Edit Collection Membership
Loading…
Edit Metadata
Loading…
Edit Properties
Loading…
Embargoes
Loading…