1 result where citekey includes Bissias:2005.
[All entries] This page as [Text] or [Bibtex]

  • @inproceedings{Bissias:2005,
    Abstract = {Encrypting traffic does not prevent an attacker from performing some types of traffic analysis. We present a straightforward traffic analysis attack against encrypted HTTP streams that is surprisingly effective in identifying the source of the traffic. An attacker starts by creating a profile of the statistical characteristics of web requests from interesting sites, including distributions of packet sizes and inter-arrival times. Later, candidate encrypted streams are compared against these profiles. In our evaluations using real traffic, we find that many web sites are sub ject to this attack. With a training period of 24 hours and a 1 hour delay afterwards, the attack achieves only 23% accuracy. However, an attacker can easily pre-determine which of trained sites are easily identifiable. Accordingly, against 25 such sites, the attack achieves 40% accuracy; with three guesses, the attack achieves 100% accuracy for our data. Longer delays after training decrease accuracy, but not substantially. We also propose some countermeasures and improvements to our current method. Previous work analyzed SSL traffic to a proxy, taking advantage of a known flaw in SSL that reveals the length of each web object. In contrast, we exploit the statistical characteristics of web streams that are encrypted as a single flow, which is the case with WEP/WPA, IPsec, and SSH tunnels.},
    Author = {Bissias, George and Liberatore, Marc and Jensen, David and Levine, Brian Neil},
    Booktitle = {Proc. Privacy Enhancing Technologies Workshop (PET)},
    Keywords = {security; anonymity; privacy},
    Month = {May},
    Pages = {1--11},
    Sponsors = {NSF-0133055 and NSF-0325868 and NSF-0080199},
    Title = {{Privacy Vulnerabilities in Encrypted HTTP Streams}},
    Traces_Url = {http://traces.cs.umass.edu},
    Url = {http://forensics.umass.edu/pubs/bissias.liberatore.pet.2005.pdf},
    Year = {2005},
    Bdsk-Url-1 = {http://forensics.umass.edu/pubs/bissias.liberatore.pet.2005.pdf}}

    [link][PDF]

 
Keywords
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999
1998
1997
1996