Dummynet: a simple approach to the evaluation of network protocols
ACM SIGCOMM Computer Communication Review
Inferring the source of encrypted HTTP connections
Proceedings of the 13th ACM conference on Computer and communications security
Timing analysis of keystrokes and timing attacks on SSH
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Devices that tell on you: privacy trends in consumer ubiquitous computing
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Spot Me if You Can: Uncovering Spoken Phrases in Encrypted VoIP Conversations
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Proceedings of the 2009 ACM workshop on Cloud computing security
Side-Channel Leaks in Web Applications: A Reality Today, a Challenge Tomorrow
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Peeping tom in the neighborhood: keystroke eavesdropping on multi-user systems
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Privacy vulnerabilities in encrypted HTTP streams
PET'05 Proceedings of the 5th international conference on Privacy Enhancing Technologies
Designing router scheduling policies: a privacy perspective
Proceedings of the 17th ACM conference on Computer and communications security
Website fingerprinting in onion routing based anonymization networks
Proceedings of the 10th annual ACM workshop on Privacy in the electronic society
Private communication detection: a stochastic approach
Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
Touching from a distance: website fingerprinting attacks and defenses
Proceedings of the 2012 ACM conference on Computer and communications security
Discovering records of private VoIP calls without wiretapping
Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security
A privacy-aware access control model for distributed network monitoring
Computers and Electrical Engineering
| Hi-index | 0.00 |
Recent work has shown that traffic analysis of data carried on encrypted tunnels can be used to recover important semantic information. As one example, attackers can find out which website, or which page on a website, a user is accessing simply by monitoring the traffic patterns. We show that traffic analysis is a much greater threat to privacy than previously thought, as such attacks can be carried out remotely. In particular, we show that, to perform traffic analysis, adversaries do not need to directly observe the traffic patterns. Instead, they can send probes from a far-off vantage point that exploit a queuing side channel in routers. We demonstrate the threat of such remote traffic analysis by developing a remote website fingerprinting attack that works against home broadband users. Because the observations obtained by probes are more noisy than direct observations, we had to take a new approach to detection that uses the full time series data contained in the observation, rather than summary statistics used in previous work. We perform k-nearest neighbor classification using dynamic time warping (DTW) distance metric. We find that in our experiments, we are able to fingerprint a website with 80% accuracy in both testbed and target system. This shows that remote traffic analysis represents a real threat to privacy on the Internet.