It has been demonstrated that traffic analysis can disclose information supposedly secured by encrypted channels. Key feature of packetized traffic exploited to that purpose are packet lengths, inter-packet times, direction of packets. This work aims at assessing the overhead and delay implied by traffic masking algorithms that conceal the information leakage exploited by statistical traffic analysis. Traffic masking is obtained by reshaping packet lengths and inter-arrival times in a masking device. It is shown that the overhead-delay trade-off of the masking device is optimized by using circuit like traffic shaping, under the constraint of removing information leakage entirely (full privacy). Numerical examples are provided with real traffic traces both for full privacy and for a relaxed heuristic masking algorithm that leaks some information on packet lengths to mitigate the overhead. © 2013 IEEE.
Investigating the trade-off between overhead and delay for full packet traffic privacy / Iacovazzi, Alfonso; Baiocchi, Andrea. - (2013), pp. 1345-1350. (Intervento presentato al convegno 2013 IEEE International Conference on Communications Workshops, ICC 2013 tenutosi a Budapest; Hungary nel 9 June 2013 through 13 June 2013) [10.1109/iccw.2013.6649446].
Investigating the trade-off between overhead and delay for full packet traffic privacy
IACOVAZZI, ALFONSO;BAIOCCHI, Andrea
2013
Abstract
It has been demonstrated that traffic analysis can disclose information supposedly secured by encrypted channels. Key feature of packetized traffic exploited to that purpose are packet lengths, inter-packet times, direction of packets. This work aims at assessing the overhead and delay implied by traffic masking algorithms that conceal the information leakage exploited by statistical traffic analysis. Traffic masking is obtained by reshaping packet lengths and inter-arrival times in a masking device. It is shown that the overhead-delay trade-off of the masking device is optimized by using circuit like traffic shaping, under the constraint of removing information leakage entirely (full privacy). Numerical examples are provided with real traffic traces both for full privacy and for a relaxed heuristic masking algorithm that leaks some information on packet lengths to mitigate the overhead. © 2013 IEEE.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
