Title :
Behavior Shaver: An Application Based Layer 3 VPN that Conceals Traffic Patterns Using SCTP
Author :
Mimura, Mamoru ; Tanaka, Hidehiko
Author_Institution :
Grad. Sch. of Inf. Security, Inst. of Inf. Security, Yokohama, Japan
Abstract :
In recent years, distributed systems have been connected by VPNs (Virtual Private Networks) over the Internet to build complex information systems. These information systems bring benefits, but also security risks, to many users. Representative security risks, namely vulnerabilities, are closely tied to the application software installed in an information system: once a malicious adversary identifies that software, he can look for its vulnerabilities easily. To ensure the security of an information system, it is therefore necessary to conceal which application software it runs. On the other hand, several methods have been proposed to identify application software or protocols without scanning the payload. These methods can analyze encrypted traffic, because they inspect traffic patterns such as packet sizes and transmission intervals. While there are legitimate uses for encrypted traffic analysis, these methods also raise problems for the confidentiality of encrypted traffic. Many researchers have proposed countermeasures against traffic analysis to ensure anonymity in a public network; they mainly indicated how traffic patterns should be altered, but few have shown how to implement such a method. Indeed, although previous VPN applications protect payloads against an eavesdropper, they do not conceal side-channel information such as traffic patterns. Our work applies these proposed countermeasures and shows how to implement a secure VPN application that conceals traffic patterns. To alter traffic patterns, it is necessary to control packet sizes. Many popular application-based VPNs encapsulate packets in TCP or UDP. However, TCP cannot control packet sizes strictly, and although UDP can control packet sizes without difficulty, it does not ensure reliable data transmission. A secure application-based VPN requires a protocol that can both control packet sizes strictly and ensure reliable data transmission over untrusted networks. SCTP (Stream Control Transmission Protocol) is a suitable solution for these requirements. This paper proposes the behavior shaver, an application-based layer 3 VPN that conceals traffic patterns using SCTP. Experimental results show its performance.
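The abstract's core requirement is "control packet sizes strictly": a classifier that only sees packet lengths learns nothing if every record on the wire has the same length. The following Python is an added illustration of that shaping step, written for this page; it is not the authors' behavior shaver code, and the record size (512 bytes), the 2-byte record header and the 4-byte message-length prefix are constructed choices, not values from the paper. Variable-length messages are packed into a length-prefixed stream, cut into fixed-size records padded with random bytes, and optionally topped up with empty cover records so the record count does not reveal the message count either.

```python
import os
import struct
from typing import Iterable, List

# Constructed parameters for this example; the paper does not publish its record layout.
RECORD_SIZE = 512               # every record handed to the transport is exactly this long
HEADER = struct.Struct("!H")    # 2-byte big-endian count of real payload bytes in the record
CAPACITY = RECORD_SIZE - HEADER.size
MSG_LEN = struct.Struct("!I")   # 4-byte message-length prefix inside the payload stream


def shave(messages: Iterable[bytes], min_records: int = 0) -> List[bytes]:
    """Turn variable-length messages into fixed-size records.

    Each message is prefixed with its length; the resulting byte stream is cut into
    CAPACITY-sized slices; each slice gets a header with its real length and random
    padding up to RECORD_SIZE. If fewer than `min_records` result, empty cover
    records (payload length 0) are appended, hiding the message count as well.
    """
    stream = b"".join(MSG_LEN.pack(len(m)) + m for m in messages)
    records = []
    for off in range(0, len(stream), CAPACITY):
        chunk = stream[off:off + CAPACITY]
        records.append(HEADER.pack(len(chunk)) + chunk + os.urandom(CAPACITY - len(chunk)))
    while len(records) < min_records:
        records.append(HEADER.pack(0) + os.urandom(CAPACITY))   # cover record, no payload
    return records


def unshave(records: Iterable[bytes]) -> List[bytes]:
    """Inverse of shave(): drop padding and cover records, rebuild the stream, split messages."""
    stream = bytearray()
    for rec in records:
        if len(rec) != RECORD_SIZE:
            raise ValueError("record has unexpected size %d" % len(rec))
        (n,) = HEADER.unpack_from(rec)
        if n > CAPACITY:
            raise ValueError("payload length %d exceeds record capacity" % n)
        stream += rec[HEADER.size:HEADER.size + n]
    messages, pos = [], 0
    while pos < len(stream):
        (mlen,) = MSG_LEN.unpack_from(stream, pos)
        pos += MSG_LEN.size
        if pos + mlen > len(stream):
            raise ValueError("truncated message in stream")
        messages.append(bytes(stream[pos:pos + mlen]))
        pos += mlen
    return messages


def observed_sizes(packets: Iterable[bytes]) -> List[int]:
    """What a size-based traffic classifier gets to see: the distinct packet lengths."""
    return sorted(set(len(p) for p in packets))


if __name__ == "__main__":
    # Constructed sample traffic: a tiny request, a large response, an empty keep-alive.
    msgs = [b"hello", b"x" * 1300, b""]
    recs = shave(msgs, min_records=6)
    print("plain sizes :", observed_sizes(msgs))   # distinguishable: [0, 5, 1300]
    print("shaved sizes:", observed_sizes(recs))   # uniform: [512]
    assert unshave(recs) == msgs
```

The framing is transport-agnostic; the abstract's argument is about what carries these records next. They must reach the peer with their sizes intact and without loss, which is why the paper rejects TCP (it cannot control packet sizes strictly) and UDP (no reliable delivery) in favour of SCTP. Note that this example only addresses the packet-size side of the traffic pattern; the transmission intervals the abstract also mentions would need a sender that emits records on a fixed schedule, drawing cover records when no data is queued.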
Keywords :
Internet; computer network security; cryptographic protocols; data communication; network operating systems; telecommunication traffic; transport protocols; virtual private networks; Internet; SCTP; TCP; UDP; VPN; application software; behavior shaver; distributed systems; eavesdropper; encrypted traffic analysis; information systems; malicious adversary; packet sizes; public network; reliable data transmission; security risks; side channel information; stream control transmission protocol; traffic patterns; transmission intervals; untrusted networks; virtual private network; Application software; Cryptography; Information systems; Protocols; Throughput; Virtual private networks;
Conference_Title :
Broadband, Wireless Computing, Communication and Applications (BWCCA), 2010 International Conference on
Conference_Location :
Fukuoka
Print_ISBN :
978-1-4244-8448-5
Electronic_ISBN :
978-0-7695-4236-2
DOI :
10.1109/BWCCA.2010.152