Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis Charles Wright, Scott Coull, Fabian Monrose Presented by Sruthi Vemulapalli.

Slides:

Advertisements

Similar presentations

VoIP SEAL 2.0 Security Suite for SIP enabled networks Thilo Ewald, Nico dHeureuse, Saverio Niccolini, Jan Seedorf NEC Europe Ltd., Heidelberg, Germany.

Advertisements

Ch. 12 Routing in Switched Networks Routing in Packet Switched Networks Routing Algorithm Requirements –Correctness –Simplicity –Robustness--the.

5-Network Defenses Dr. John P. Abraham Professor UTPA.

ClassBench: A Packet Classification Benchmark

Polymorphic blending attacks Prahlad Fogla et al USENIX 2006 Presented By Himanshu Pagey.

Security Presented by : Qing Ma. Introduction Security overview security threats password security, encryption and network security as specific.

Network (Internet) Neutrality CMPT 771 Qiang (Scott) Zhang.

Determining applications and characteristics of encrypted wireless traffic. Chris Hanks CMPE 257 3/17/2011.

Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis Presented by Yang Gao 11/2/2011 Charles V. Wright MIT Lincoln Laboratory Scott.

06/05/2008 Jae Hyun Kim Chapter 2 Probability Theory (ii) : Many Random Variables Bioinformatics Tea Seminar: Statistical Methods in Bioinformatics.

By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.

1 VOIP Network Threats Let the subscribers beware Gerard Wilkes October 24, 2006.

Arizona State University DMML Kernel Methods – Gaussian Processes Presented by Shankar Bhargav.

Experts and Boosting Algorithms. Experts: Motivation Given a set of experts –No prior information –No consistent behavior –Goal: Predict as the best expert.

Design and Implementation of SIP-aware DDoS Attack Detection System.

Department Of Computer Engineering

An Effective Defense Against Spam Laundering Paper by: Mengjun Xie, Heng Yin, Haining Wang Presented at:CCS'06 Presentation by: Devendra Salvi.

1 A Network Traffic Classification based on Coupled Hidden Markov Models Fei Zhang, Wenjun Wu National Lab of Software Development.

Signatures As Threats to Privacy Brian Neil Levine Assistant Professor Dept. of Computer Science UMass Amherst.

Machine Learning Queens College Lecture 1: Introduction.

Traffic Classification through Simple Statistical Fingerprinting M. Crotti, M. Dusi, F. Gringoli, L. Salgarelli ACM SIGCOMM Computer Communication Review,

Introduction The large amount of traffic nowadays in Internet comes from social video streams. Internet Service Providers can significantly enhance local.

Towards a Safe Playground for HTTPS and Middle-Boxes with QoS2 Zhenyu Zhou CS Dept., Duke University.

Overview of Privacy Preserving Techniques.  This is a high-level summary of the state-of-the-art privacy preserving techniques and research areas  Focus.

Uncovering spoken phrases in encrypted VoIP conversations BY, RITESH CHANDRA REDDY GUNNA. PRASAD VUNNAM.

Preserving Link Privacy in Social Network Based Systems Prateek Mittal University of California, Berkeley Charalampos Papamanthou.

Distributed Computing Rik Sarkar. Distributed Computing Old style: Use a computer for computation.

HMM Profiles for Network Traffic Classification Charles Wright, Fabian Monrose and Gerald Masson Johns Hopkins University Information Security Institute.

DNS Security Pacific IT Pros Nov. 5, Topics DoS Attacks on DNS Servers DoS Attacks by DNS Servers Poisoning DNS Records Monitoring DNS Traffic Leakage.

Wireless Security Presented by: Amit Kumar Singh Instructor : Dr. T. Andrew Yang.

CIS 2033 based on Dekking et al. A Modern Introduction to Probability and Statistics Instructor Longin Jan Latecki C22: The Method of Least Squares.

Information Security Lab. Dept. of Computer Engineering 182/203 PART I Symmetric Ciphers CHAPTER 7 Confidentiality Using Symmetric Encryption 7.1 Placement.

Performance Analysis of Real Traffic Carried with Encrypted Cover Flows Nabil Schear David M. Nicol University of Illinois at Urbana-Champaign Department.

Wireless communications and mobile computing conference, p.p , July 2011.

1 A Network Security Monitor Paper By: Heberlein et. al. Presentation By: Eric Hawkins.

Firewall in the Internet Security By Dou Wang, Ying Chen, Jiaying Shi School of Computer Science University of Windsor November 2007.

DDoS flooding attack detection through a step-by-step investigation

1 Network Security: Introduction Behzad Akbari Fall 2009 In the Name of the Most High.

Confidentiality using Conventional Encryption Chapter 5.

Introduction of An Engineering Project for KOREN/APII Seung-Joon Seok Korea University.

Response network emerging from simple perturbation Seung-Woo Son Complex System and Statistical Physics Lab., Dept. Physics, KAIST, Daejeon , Korea.

1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.

KERBEROS. Introduction trusted key server system from MIT.Part of project Athena (MIT).Developed in mid 1980s. provides centralised private-key third-party.

Network traffic based computer system user identification Dr Zsolt Illési associate professor College of Dunaújváros Open Source Intelligence.

Spot me if you can: Uncovering spoken phrases in encrypted VoIP conversations Charles V. Wright Scott E. Coull Gerald M. Masson Lucas Ballard Fabian Monrose.

CS590B/690B Detecting Network Interference (Fall 2016)

LECTURE 10: DISCRIMINANT ANALYSIS

Data & Network Security

Defending Against DDoS

Randomized Algorithms

KDD 2004: Adversarial Classification

Parallel Matrix Multiplication and other Full Matrix Algorithms

Iterative Water-filling for Gaussian Vector Multiple Access Channel

Defending Against DDoS

Randomized Algorithms

C14: The central limit theorem

Parallel Matrix Multiplication and other Full Matrix Algorithms

A research work by: Charles V. Wright, Scott E. Coull, Fabian Monrose

Mapping Internet Sensors With Probe Response Attacks

Authors: Qinglong Wang Amir Yahyavi Bettina Kemme Wenbo He

Introduction to Probability & Statistics Joint Expectations

Network Traffic and Cybersecurity

LECTURE 09: DISCRIMINANT ANALYSIS

DDoS Attack and Its Defense

A Suite to Compile and Analyze an LSP Corpus

Norwegian Marine Insurance Statistics As of 31 December 2003

Write Linear Equations in Point-Slope Form

Statistical Process Control

Statistical Process Control

Empirical Distributions

Presentation transcript:

Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis Charles Wright, Scott Coull, Fabian Monrose Presented by Sruthi Vemulapalli

Introduction Network traffic analysis How to reduce the leak of data? Convex optimization Examples Traffic classification techniques  VoIP language classifier  Web page classifier

Statistical distribution in encrypted VoIP Mimicry attack Polymorphic blending technique Other approaches

Traffic Morphing Goal: To provide users with an efficient method of preventing information leakage that induces less overhead. Operation : – Selection of source processes – Selection of target processes – Morphing Matrix – Morphing algorithm – Data interception

Morphing Matrix Source process : X = [x1, x2,..., xn]T, xi is the probability of the ith largest packet size Target process : Y = [y1, y2,..., yn]T Morphing Matrix A = [aij], where Y=AX

Operation Packet received from source application Altering of packets Cumulative probability si=sum of the probabilities for all sizes <=si Sampling Target size Advantage : – Minimum overhead – Matrix generation performed offline

Morphing via Convex Optimization From A we have n2 unknowns Y=AX representation n equations from the matrix Another n equations

Minimizing the cost function f0(A) Solving convex optimization functions Example Overall cost matrix A represented as: Optimization problem in standard form

Additional Morphing Constraints Uses:  Preserve the quality of the data  Minimize number of packets produced Adding equality constraints Disadvantage : Overspecified equations with no valid solution

Multilevel programming Example Comparison function: First Optimization Problem:

Second Optimization Problem

Dealing with Large Sample Spaces Problem with growth of constraints Complexity of finding morphing matrices when n is large becomes prohibitively high Divide and Conquer strategy Applying the strategy to X and Y vectors

Example (bigram distributions) Initial morphing matrix optimization: Submatrix optimization:

Practical Considerations Short Network Sessions Variations in Source Distribution Reducing Packet Sizes

Evaluation Encrypted Voice over IP Whitebox vs Blackbox Morphing

Defeating the Original Classifier

Evaluating Indistinguishability White box has the best accuracy over black box

Web Page Identification Defeating the Original Classifier

Conclusion Traffic morphing, chooses the best way to alter the feature(s) of a packet Privacy and efficiency are balanced through the use of convex optimization techniques Works in real-time Reduces the accuracy of the VoIP and webpage classifier