Using covert channels to evaluate the effectiveness of flow confidentiality measures

Author

Graham, Bryan ; Zhu, Ye ; Fu, Xinwen ; Bettati, Riccardo

Author_Institution

Dept. of Comput. Sci., Texas A&M Univ., College Station, TX, USA

Volume

1

fYear

2005

fDate

20-22 July 2005

Firstpage

57

Abstract

With an increasing amount of Internet traffic becoming encrypted, traffic analysis attacks have become a more important topic lately. One of the most common and effective ways to prevent traffic analysis is link padding, where dummy traffic is added to hide the real traffic pattern. In principle, link padding can perfectly hide the underlying traffic. In practice however, it has been shown to be very difficult to implement correctly and has also been shown to be ineffective if not correctly implemented. In this paper we provide an information theoretic analysis of the effectiveness of a link padding implementation. We represent the imperfections of a padding implementation as a covert channel and determine the capacity of the information leakage. We show experimental results and present models that describe how practical aspects, such as cross-traffic and network congestion affect the information leakage of link padding.

Keywords

Internet; cryptography; information theory; telecommunication congestion control; telecommunication security; telecommunication traffic; Internet traffic; covert channels; cross traffic; flow confidentiality measures; information theoretic analysis; link padding; network congestion; traffic analysis attack; Computer science; Cryptography; Fluid flow measurement; Information analysis; Internet; Pattern analysis; Stochastic processes; Telecommunication traffic; Timing; Traffic control;

fLanguage

English

Publisher

ieee

Conference_Titel

Parallel and Distributed Systems, 2005. Proceedings. 11th International Conference on

ISSN

1521-9097

Print_ISBN

0-7695-2281-5

Type

conf

DOI

10.1109/ICPADS.2005.290

Filename

1531107