Date post: | 14-Dec-2015 |
Category: |
Documents |
Upload: | devyn-gatliff |
View: | 219 times |
Download: | 1 times |
Traffic Morphing: An Efficient DefenseAgainst Statistical Traffic Analysis
Charles Wright, Scott Coull, Fabian Monrose
Presented by Sruthi Vemulapalli
Introduction
• Network traffic analysis• How to reduce the leak of data?• Convex optimization• Examples• Traffic classification techniques
VoIP language classifier Web page classifier
• Statistical distribution in encrypted VoIP
• Mimicry attack
• Polymorphic blending technique
• Other approaches
Traffic Morphing
• Goal: To provide users with an efficient method of preventing information leakage that induces less overhead.
• Operation :– Selection of source processes– Selection of target processes– Morphing Matrix– Morphing algorithm– Data interception
Morphing Matrix
• Source process : X = [x1, x2, . . . , xn]T, xi is the probability
of the ith largest packet size• Target process :
Y = [y1, y2, . . . , yn]T• Morphing Matrix A = [aij], where Y=AX
Operation
• Packet received from source application• Altering of packets• Cumulative probability si=sum of the
probabilities for all sizes <=si• Sampling Target size• Advantage :– Minimum overhead– Matrix generation performed offline
Morphing via Convex Optimization
• From A we have n2 unknowns• Y=AX representation
• n equations from the matrix
• Another n equations
• Minimizing the cost function f0(A) • Solving convex optimization functions• Example
Overall cost matrix A represented as:
• Optimization problem in standard form
Additional Morphing Constraints
• Uses: Preserve the quality of the data Minimize number of packets produced
• Adding equality constraints• Disadvantage :
Overspecified equations with no valid solution
Dealing with Large Sample Spaces
• Problem with growth of constraints Complexity of finding morphing matrices
when n is large becomes prohibitively high
• Divide and Conquer strategy
• Applying the strategy to X and Y vectors
Practical Considerations
• Short Network Sessions
• Variations in Source Distribution
• Reducing Packet Sizes
Conclusion
• Traffic morphing, chooses the best way to alter the feature(s) of a packet
• Privacy and efficiency are balanced through the use of convex optimization techniques
• Works in real-time• Reduces the accuracy of the VoIP and
webpage classifier