 # Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis Charles Wright, Scott Coull, Fabian Monrose Presented by Sruthi Vemulapalli.

## Presentation on theme: "Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis Charles Wright, Scott Coull, Fabian Monrose Presented by Sruthi Vemulapalli."— Presentation transcript:

Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis Charles Wright, Scott Coull, Fabian Monrose Presented by Sruthi Vemulapalli

Introduction Network traffic analysis How to reduce the leak of data? Convex optimization Examples Traffic classification techniques  VoIP language classifier  Web page classifier

Statistical distribution in encrypted VoIP Mimicry attack Polymorphic blending technique Other approaches

Traffic Morphing Goal: To provide users with an efficient method of preventing information leakage that induces less overhead. Operation : – Selection of source processes – Selection of target processes – Morphing Matrix – Morphing algorithm – Data interception

Morphing Matrix Source process : X = [x1, x2,..., xn]T, xi is the probability of the ith largest packet size Target process : Y = [y1, y2,..., yn]T Morphing Matrix A = [aij], where Y=AX

Operation Packet received from source application Altering of packets Cumulative probability si=sum of the probabilities for all sizes <=si Sampling Target size Advantage : – Minimum overhead – Matrix generation performed offline

Morphing via Convex Optimization From A we have n2 unknowns Y=AX representation n equations from the matrix Another n equations

Minimizing the cost function f0(A) Solving convex optimization functions Example Overall cost matrix A represented as: Optimization problem in standard form

Additional Morphing Constraints Uses:  Preserve the quality of the data  Minimize number of packets produced Adding equality constraints Disadvantage : Overspecified equations with no valid solution

Multilevel programming Example Comparison function: First Optimization Problem:

Second Optimization Problem

Dealing with Large Sample Spaces Problem with growth of constraints Complexity of finding morphing matrices when n is large becomes prohibitively high Divide and Conquer strategy Applying the strategy to X and Y vectors

Example (bigram distributions) Initial morphing matrix optimization: Submatrix optimization:

Practical Considerations Short Network Sessions Variations in Source Distribution Reducing Packet Sizes

Evaluation Encrypted Voice over IP Whitebox vs Blackbox Morphing

Defeating the Original Classifier

Evaluating Indistinguishability White box has the best accuracy over black box

Web Page Identification Defeating the Original Classifier

Conclusion Traffic morphing, chooses the best way to alter the feature(s) of a packet Privacy and efficiency are balanced through the use of convex optimization techniques Works in real-time Reduces the accuracy of the VoIP and webpage classifier

Similar presentations