Digital Evidence and Computer Crime: Forensic Science, Computers, and the Internet with Cdrom
Digital Evidence and Computer Crime: Forensic Science, Computers, and the Internet with Cdrom
Statistical Identification of Encrypted Web Browsing Traffic
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Defending Anonymous Communications Against Passive Logging Attacks
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Data Mining: Practical Machine Learning Tools and Techniques, Second Edition (Morgan Kaufmann Series in Data Management Systems)
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Fingerprinting websites using traffic analysis
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Tool review: Network traffic as a source of evidence: tool strengths, weaknesses, and future needs
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Passive-Logging Attacks Against Anonymous Communications Systems
ACM Transactions on Information and System Security (TISSEC)
Devices that tell on you: privacy trends in consumer ubiquitous computing
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
On web browsing privacy in anonymized NetFlows
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Tunnel Hunter: Detecting application-layer tunnels with statistical fingerprinting
Computer Networks: The International Journal of Computer and Telecommunications Networking
Performing traffic analysis on a wireless identifier-free link layer
The Fifth Richard Tapia Celebration of Diversity in Computing Conference: Intellect, Initiatives, Insight, and Innovations
On anonymity in an electronic society: A survey of anonymous communication systems
ACM Computing Surveys (CSUR)
Physical Layer Attacks on Unlinkability in Wireless LANs
PETS '09 Proceedings of the 9th International Symposium on Privacy Enhancing Technologies
Proceedings of the 2009 ACM workshop on Cloud computing security
PET'07 Proceedings of the 7th international conference on Privacy enhancing technologies
A framework for tunneled traffic analysis
ICACT'10 Proceedings of the 12th international conference on Advanced communication technology
ISP-enabled behavioral ad targeting without deep packet inspection
INFOCOM'10 Proceedings of the 29th conference on Information communications
Traffic classification using visual motifs: an empirical evaluation
Proceedings of the Seventh International Symposium on Visualization for Cyber Security
A potential HTTP-based application-level attack against Tor
Future Generation Computer Systems
Fingerprinting websites using remote traffic analysis
Proceedings of the 17th ACM conference on Computer and communications security
Uncovering Spoken Phrases in Encrypted Voice over IP Conversations
ACM Transactions on Information and System Security (TISSEC)
Website fingerprinting and identification using ordered feature sequences
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
gPath: a game-theoretic path selection algorithm to protect Tor's anonymity
GameSec'10 Proceedings of the First international conference on Decision and game theory for security
Inferring users' online activities through traffic analysis
Proceedings of the fourth ACM conference on Wireless network security
A comparative performance evaluation of DNS tunneling tools
CISIS'11 Proceedings of the 4th international conference on Computational intelligence in security for information systems
Effective digital forensics research is investigator-centric
HotSec'11 Proceedings of the 6th USENIX conference on Hot topics in security
Website fingerprinting in onion routing based anonymization networks
Proceedings of the 10th annual ACM workshop on Privacy in the electronic society
Trust-based anonymous communication: adversary models and routing algorithms
Proceedings of the 18th ACM conference on Computer and communications security
Automated black-box detection of side-channel vulnerabilities in web applications
Proceedings of the 18th ACM conference on Computer and communications security
Computer Networks: The International Journal of Computer and Telecommunications Networking
Efficient web browsing with perfect anonymity using page prefetching
ICA3PP'10 Proceedings of the 10th international conference on Algorithms and Architectures for Parallel Processing - Volume Part I
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
Tag size does matter: attacks and proofs for the TLS record protocol
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Beyond TOR: the truenyms protocol
SIIS'11 Proceedings of the 2011 international conference on Security and Intelligent Information Systems
Source attribution for network address translated forensic captures
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Review: A survey on solutions and main free tools for privacy enhancing Web communications
Journal of Network and Computer Applications
Analyzing characteristic host access patterns for re-identification of web user sessions
NordSec'10 Proceedings of the 15th Nordic conference on Information Security Technology for Applications
Website detection using remote traffic analysis
PETS'12 Proceedings of the 12th international conference on Privacy Enhancing Technologies
A new cell-counting-based attack against Tor
IEEE/ACM Transactions on Networking (TON)
Enhancing Tor's performance using real-time traffic classification
Proceedings of the 2012 ACM conference on Computer and communications security
SkypeMorph: protocol obfuscation for Tor bridges
Proceedings of the 2012 ACM conference on Computer and communications security
Touching from a distance: website fingerprinting attacks and defenses
Proceedings of the 2012 ACM conference on Computer and communications security
Who do you sync you are?: smartphone fingerprinting via application behaviour
Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks
MinimaLT: minimal-latency networking through better security
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Improved website fingerprinting on Tor
Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society
DupLESS: server-aided encryption for deduplicated storage
SEC'13 Proceedings of the 22nd USENIX conference on Security
Hi-index | 0.00 |
We examine the effectiveness of two traffic analysis techniques for identifying encrypted HTTP streams. The techniques are based upon classification algorithms, identifying encrypted traffic on the basis of similarities to features in a library of known profiles. We show that these profiles need not be collected immediately before the encrypted stream; these methods can be used to identify traffic observed both well before and well after the library is created. We give evidence that these techniques will exhibit the scalability necessary to be effective on the Internet. We examine several methods of actively countering the techniques, and we find that such countermeasures are effective, but at a significant increase in the size of the traffic stream. Our claims are substantiated by experiments and simulation on over 400,000 traffic streams we collected from 2,000 distinct web sites during a two month period.