A study on countermeasures against traffic analysis attacks /
Computer systems and networks are exceedingly attractive targets to attack since they carry and hold information of enormous value. Traditionally, encryption has played an important role in network security. However, it is a misconception that to secure a network, one only needs to encrypt the traff...
| Main Author: | |
|---|---|
| Format: | Thesis Book |
| Language: | English |
| Published: |
[Place of publication not identified] :
[publisher not identified] ;
2002.
|
| Subjects: | |
| Online Access: | http://proxy.library.tamu.edu/login?url=http://proquest.umi.com/pqdweb?did=765073181&sid=1&Fmt=2&clientId=2945&RQT=309&VName=PQD |
| Summary: | Computer systems and networks are exceedingly attractive targets to attack since they carry and hold information of enormous value. Traditionally, encryption has played an important role in network security. However, it is a misconception that to secure a network, one only needs to encrypt the traffic. In an open network, somebody eavesdropping on an encrypted conversation can still tell who is communicating with whom and how much data are being transferred. With increasing amount of traffic being encrypted and its content therefore being beyond the reach of effective cryptanalysis, attention is shifting towards traffic analysis, a security attack where an adversary infers sensitive information from network traffic to compromise the system. This form of attack is harmful because in certain situations, it may cause disastrous results. In this dissertation, we focus on traffic analysis attacks and their countermeasures. Our major research contributions include modeling, analyzing and optimizing anonymous communication systems. For many Internet applications, the ability to protect the identity of participants in a distributed application is critical since traffic analysis attacks can identify communication parties. Towards this end, a number of anonymous communication systems have been realized. However, there are few quantitative analyses and performance comparisons on how these systems perform. We model and analyze these systems and define a metric (anonymity degree) to measure the ability of these systems to protect identity. We also design and evaluate an optimal route selection strategy that maximizes the anonymity degree of a system. In addition, network traffic pattern is vulnerable to traffic analysis attacks and can often be correlated with sensitive activities of a system. We study how to camouflage a network traffic pattern. The challenge of this study is that we deal with the problem of preventing traffic analysis in the context of a mission critical system where the worst-case delay of packets needs to be guaranteed. We propose a traffic planning algorithm and study traffic padding schemes such that (1) the delay requirements of applications can be met and (2) the traffic pattern can be correctly camouflaged. We discuss issues related to design, implementation, and evaluation of such a system. |
|---|---|
| Item Description: | Vita. "Major Subject: Computer Science". |
| Physical Description: | xvi, 164 leaves : illustrations ; 28 cm. Issued also on microfiche from University Microfilm Inc. |
| Bibliography: | Includes bibliographical references (leaves 112-126). |