Preventing Timing Analysis in Networks: A Statistical Inference Perspective

Information security requires the protection of not only the contents of data transmitted but also the timing of network operations. Knowledge of timing alone can reveal to an adversary the nature of users\´ online behavior, including, but not restricted to, Web sites accessed, recipients of e-mails and chat messages, financial resources considered, and more. It is imperative that current network protocols be redesigned to prevent the retrieval of packet timing in a network and limit the "networking" information inferable from the timing. Timing information can be retrieved by adversaries both passive and active: active adversaries masquerade as network users and retrieve the timing of other legitimate users using delays experienced at shared schedulers, while passive adversaries utilize sophisticated snooping equipment to detect timing without actively participating in the network. In this article, a signal processing perspective is presented to study the protection against each kind of adversary, and a path to a unified solution to prevent timing analysis is discussed. Such unified scheduling strategies are shown to require a limited transmission of "dummy" packets to obfuscate the information retrieved by any adversary.