Security and privacy have gained more and more attention with the rapid growth and public acceptance of the Internet as a means of communication and information dissemination. Security and privacy of a computing or network system may be compromised by a variety of well-crafted attacks.
In this dissertation, we address issues related to security and privacy in computer network systems. Specifically, we model and analyze a special group of network attacks, known as traffic analysis attacks , and develop and evaluate their countermeasures. Traffic analysis attacks aim to derive critical information by analyzing traffic over a network. We focus our study on two classes of traffic analysis attacks: link-load analysis attacks and flow-connectivity analysis attacks.
Our research has made the following conclusions: (1) We have found that an adversary may effectively discover link load by passively analyzing selected statistics of packet inter-arrival times of traffic flows on a network link. This is true even if some commonly used countermeasures (e.g., link padding) have been deployed. We proposed an alternative effective countermeasure to counter this passive traffic analysis attack. Our extensive experimental results indicated this to be an effective approach. (2) Our newly proposed countermeasure may not be effective against active traffic analysis attacks, which an adversary may also use to discover the link load. We developed methodologies in countering these kinds of active attacks. (3) To detect the connectivity of a flow, an adversary may embed a recognizable pattern of marks into traffic flows by interference. We have proposed new countermeasures based on the digital filtering technology. Experimental results have demonstrated the effectiveness of our method.
From our research, it is obvious that traffic analysis attacks present a serious challenge to the design of a secured computer network system. It is the objective of this study to develop robust but cost-effective solutions to counter link-load analysis attacks and flow-connectivity analysis attacks. It is our belief that our methodology can provide a solid foundation for studying the entire spectrum of traffic analysis attacks and their countermeasures.
Cited By
- Almeshekah M and Spafford E Planning and Integrating Deception into Computer Security Defenses Proceedings of the 2014 New Security Paradigms Workshop, (127-138)
- Friginal J, de Andrés D, Ruiz J and Martínez M (2014). A survey of evaluation platforms for ad hoc routing protocols, Computer Networks: The International Journal of Computer and Telecommunications Networking, 75:PA, (395-413), Online publication date: 24-Dec-2014.
Index Terms
- On traffic analysis attacks and countermeasures
Recommendations
Active Traffic Analysis Attacks and Countermeasures
ICCNMC '03: Proceedings of the 2003 International Conference on Computer Networks and Mobile ComputingTo explore mission-critical information, an adversary using active traffic analysis attacks injects probing traffic into the victim network and analyzes the status of underlying payload traffic. Active traffic analysis attacks are easy to deploy and ...
Power Analysis Attacks and Countermeasures
One of the biggest challenges of designers of cryptographic devices is to protect the devices against implementation attacks. Power analysis attacks are among the strongest of these attacks. This article provides an overview of power analysis attacks ...