Dissertation/Thesis Abstract

Statistical analysis and information leakage attacks on encrypted network traffic
by Wright, Charles V., III, Ph.D., The Johns Hopkins University, 2008, 210; 3309817
Abstract (Summary)

Demands for efficiency in computer networks have led to the development of a set of standard Internet cryptographic protocols that leak meaningful information about the confidential data they transmit. Information leakage occurs because, although the current cryptographic protocols employ strong ciphers to protect the contents of their messages, they do not attempt to hide patterns in when messages are sent, or how large these messages are. Differences in network-layer behavior, which occur as a result of differences in application protocols or user action, thus remain observable even after encryption.

This thesis explores ways in which these differences can be exploited, both by well-meaning network administrators and by malicious eavesdroppers, to infer sensitive information from encrypted traffic. Using a variety of machine learning techniques, we show how patterns in packet sizes and timing can be used to learn about encrypted traffic with a surprising degree of accuracy. First, we show how application protocols can be recognized in traffic encrypted with an end-to-end cryptographic protocl like SSL or TLS, or in certain kinds of SSH tunnels, and how an observer in the network can track the number of live connections over time in such a tunnel. Next, we focus on encrypted voice over IP traffic and show how the combination of variable bit rate speech encoders together with length-preserving stream ciphers could allow an eavesdropper to first identify the language spoken in an encrypted conversation, and then to recognize when a target phrase is spoken. Finally, we provide insight into how such leakage of information might be efficiently counteracted by a sender who actively modifies the lengths of his or her messages in order to confuse the observer.

Indexing (document details)
Advisor: Monrose, Fabian
School: The Johns Hopkins University
School Location: United States -- Maryland
Source: DAI-B 69/04, Dissertation Abstracts International
Subjects: Computer science
Keywords: Cryptography, Encryption, Information leakage, Network security, Network traffic
Publication Number: 3309817
ISBN: 9780549578451
Copyright © 2019 ProQuest LLC. All rights reserved. Terms and Conditions Privacy Policy Cookie Policy