On Effectiveness of Link Padding for Statistical Traffic Analysis Attacks**This work was supported in part by the National Science Foundation under Contract EIA-0081761, by the Defensive Advanced Research Projects Agency under Contract F30602–99-1–0531, and by the Texas Higher Education Coordinating Board under its Advanced Technology Program. | Conference Paper individual record
abstract

Traffic analysis attacks aim at deriving mission critical information from the analysis of the traffic transmitted over a network. Countermeasures for such attacks are usually realized by properly \"padding\" the payload traffic so that the statistics of the overall traffic become significantly different from that of the payload traffic. In this paper, we propose a analytical framework for traffic analysis attacks based on statistical pattern recognition techniques. We study the effectiveness of countermeasures for traffic analysis attacks within our proposed framework. Two basic countermeasure strategies are (a) to pad the traffic with constant interarrival times of packets (CIT) or (b) to pad the traffic with variable interarrival times (VIT). Our experiments show that CIT countermeasures fail when the adversary uses sample variance or sample entropy of packet interarrival times for statistical analysis. On the other hand, VIT countermeasures are effective regardless of which sample statistics are used by the adversary. These observations are validated by analysis of detection rates based on sample distributions of packet interarrival times.

author list (cited authors)
Fu, X., Graham, B., Bettati, R., & Zhao, W.
publication date
2003
publisher
IEEE Publisher
keywords
  • Traffic Analysis Attacks
  • Statistical Pattern Recognition
  • Packet Interarrival Times
  • Statistical Analysis
altmetric score

3.0

citation count

28