On effectiveness of link padding for statistical traffic analysis attacks Conference Paper uri icon

abstract

  • Traffic analysis attacks aim at deriving mission critical information from the analysis of the traffic transmitted over a network. Countermeasures for such attacks are usually realized by properly "padding" the payload traffic so that the statistics of the overall traffic become significantly different from that of the payload traffic. In this paper, we propose a analytical framework for traffic analysis attacks based on statistical pattern recognition techniques. We study the effectiveness of countermeasures for traffic analysis attacks within our proposed framework. Two basic countermeasure strategies are (a) to pad the traffic with constant interarrival times of packets (CIT) or (b) to pad the traffic with variable interarrival times (VIT). Our experiments show that CIT countermeasures fail when the adversary uses sample variance or sample entropy of packet interarrival times for statistical analysis. On the other hand, VIT countermeasures are effective regardless of which sample statistics are used by the adversary. These observations are validated by analysis of detection rates based on sample distributions of packet interarrival times.

name of conference

  • 23rd International Conference on Distributed Computing Systems, 2003. Proceedings.

published proceedings

  • 23RD INTERNATIONAL CONFERENCE ON DISTRIBUTED COMPUTING SYSTEMS, PROCEEDINGS

altmetric score

  • 3

author list (cited authors)

  • Fu, X. W., Graham, B., Bettati, R., & Zhao, W.

citation count

  • 31

complete list of authors

  • Fu, XW||Graham, B||Bettati, R||Zhao, W

publication date

  • January 2002