Download presentation

Presentation is loading. Please wait.

Published byDevyn Gatliff Modified over 2 years ago

1
Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis Charles Wright, Scott Coull, Fabian Monrose Presented by Sruthi Vemulapalli

2
Introduction Network traffic analysis How to reduce the leak of data? Convex optimization Examples Traffic classification techniques VoIP language classifier Web page classifier

3
Statistical distribution in encrypted VoIP Mimicry attack Polymorphic blending technique Other approaches

4
Traffic Morphing Goal: To provide users with an efficient method of preventing information leakage that induces less overhead. Operation : – Selection of source processes – Selection of target processes – Morphing Matrix – Morphing algorithm – Data interception

5
Morphing Matrix Source process : X = [x1, x2,..., xn]T, xi is the probability of the ith largest packet size Target process : Y = [y1, y2,..., yn]T Morphing Matrix A = [aij], where Y=AX

6
Operation Packet received from source application Altering of packets Cumulative probability si=sum of the probabilities for all sizes <=si Sampling Target size Advantage : – Minimum overhead – Matrix generation performed offline

7
Morphing via Convex Optimization From A we have n2 unknowns Y=AX representation n equations from the matrix Another n equations

8
Minimizing the cost function f0(A) Solving convex optimization functions Example Overall cost matrix A represented as: Optimization problem in standard form

9
Additional Morphing Constraints Uses: Preserve the quality of the data Minimize number of packets produced Adding equality constraints Disadvantage : Overspecified equations with no valid solution

10
Multilevel programming Example Comparison function: First Optimization Problem:

11
Second Optimization Problem

12
Dealing with Large Sample Spaces Problem with growth of constraints Complexity of finding morphing matrices when n is large becomes prohibitively high Divide and Conquer strategy Applying the strategy to X and Y vectors

13
Example (bigram distributions) Initial morphing matrix optimization: Submatrix optimization:

14
Practical Considerations Short Network Sessions Variations in Source Distribution Reducing Packet Sizes

15
Evaluation Encrypted Voice over IP Whitebox vs Blackbox Morphing

16
Defeating the Original Classifier

17
Evaluating Indistinguishability White box has the best accuracy over black box

18
Web Page Identification Defeating the Original Classifier

20
Conclusion Traffic morphing, chooses the best way to alter the feature(s) of a packet Privacy and efficiency are balanced through the use of convex optimization techniques Works in real-time Reduces the accuracy of the VoIP and webpage classifier

Similar presentations

OK

Traffic Classification through Simple Statistical Fingerprinting M. Crotti, M. Dusi, F. Gringoli, L. Salgarelli ACM SIGCOMM Computer Communication Review,

Traffic Classification through Simple Statistical Fingerprinting M. Crotti, M. Dusi, F. Gringoli, L. Salgarelli ACM SIGCOMM Computer Communication Review,

© 2017 SlidePlayer.com Inc.

All rights reserved.

Ads by Google