1 / 23

Performance Analysis of Real Traffic Carried with Encrypted Cover Flows

Performance Analysis of Real Traffic Carried with Encrypted Cover Flows. 4 June 2008. Nabil Schear David M. Nicol University of Illinois at Urbana-Champaign Department of Computer Science Information Trust Institute. Network Session Encryption. SSL, IPsec – widespread use

rose-horn
Download Presentation

Performance Analysis of Real Traffic Carried with Encrypted Cover Flows

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Performance Analysis of Real Traffic Carried with Encrypted Cover Flows 4 June 2008 Nabil Schear David M. Nicol University of Illinois at Urbana-Champaign Department of Computer Science Information Trust Institute

  2. Network Session Encryption • SSL, IPsec – widespread use • Provide strong confidentiality through encryption • I depend on SSL daily…so probably do you! • But, session encryption does not mask packet sizes and timing • For performance reasons • Privacy can be breached by traffic analysis attacks

  3. Traffic Analysis Example Attack Port: 443… Small message… Request! Attacker’s Vantage Point On-line Bank GET /request? myacccount. Transfer.html HTTP/1.1 Encrypt 29874ABA.XM.FJ DFALAPDJFA.MF 2304AODJHFA0U @)$*(KJFA;KDJA 29874ABA.XM.FJ DFALAPDJFA.MF 2304AODJHFA0U @)$*(KJFA;KDJA Decrypt Your Computer Requested money Transfer for the Amount of $3000 Do you wish to Accept? 29874ABA.XM.FJ DFALAPDJFA.MF 2304AODJHFA0U @)$*(KJFA;KDJA 29874ABA.XM.FJ DFALAPDJFA.MF 23$*(KJFA;KDJA 29874ABA.XM.FJ DFALAPDJFA.MF 2304AODJHFA0U @)$*(KJFA;KDJA Encrypt Decrypt 29874ABA.XM.FJ DFALAPDJFA.MF 2304AODJHFA0U @)$*(KJFA;KDJA 29874ABA.XM.FJ DFALAPDJFA.MF 23$*(KJFA;KDJA 29874ABA.XM.FJ DFALAPDJFA.MF 2304AODJHFA0U @)$*(KJFA;KDJA Your Transfer Request Page Response of length 14328 bytes Fund Transfer Page!

  4. Traffic Analysis Example Attack Port: 443… Small message… Request! Attacker’s Vantage Point On-line Bank GET /request? myacccount. Transfer.html HTTP/1.1 Encrypt 29874ABA.XM.FJ DFALAPDJFA.MF 2304AODJHFA0U @)$*(KJFA;KDJA 29874ABA.XM.FJ DFALAPDJFA.MF 2304AODJHFA0U @)$*(KJFA;KDJA Decrypt Your Computer Requested money Transfer for the Amount of $3000 Do you wish to Accept? 29874ABA.XM.FJ DFALAPDJFA.MF 2304AODJHFA0U @)$*(KJFA;KDJA 29874ABA.XM.FJ DFALAPDJFA.MF 23$*(KJFA;KDJA 29874ABA.XM.FJ DFALAPDJFA.MF 2304AODJHFA0U @)$*(KJFA;KDJA Encrypt Decrypt 29874ABA.XM.FJ DFALAPDJFA.MF 2304AODJHFA0U @)$*(KJFA;KDJA 29874ABA.XM.FJ DFALAPDJFA.MF 23$*(KJFA;KDJA 29874ABA.XM.FJ DFALAPDJFA.MF 2304AODJHFA0U @)$*(KJFA;KDJA Your Transfer Request Page • Attacker saw no content • BUT still knows what you did Response of length 14328 bytes Fund Transfer Page!

  5. Our Approach: Mimicry • Tunneling over independent cover traffic • Independent packet size and timing • Attacker can’t tell which packets have data and which are cover because of encryption • Use model to generate plausible cover traffic • Who needs this? • Spies, dissidents, whistle blowers, privacy advocates

  6. Performance Analysis • Explore the properties of our technique with simulation and analytic modeling • Questions: • Impact on user experience: delay and throughput? • Overhead over standard transmission? • Is this feasible with disparate traffic patterns? • Can we assess these impacts by using data-driven models of tunnel-free network behavior, and analytic models of tunneling?

  7. Outline • Simulation • Results • Analytic Model • Evaluating delay and model validation • Slowdown • Stability • Future work and conclusions

  8. Simulation Design • Use Flows: model the system with request/response pairs (TCP) • Cover traffic runs continuously with delay between flows • Real traffic starts some time into simulation • Consumes as much space in cover messages as is available • May have to wait for multiple cover sessions

  9. client 1.5 Mbit/s 20 ms delay 100 Mbit/s 50 ms delay 1.5 Mbit/s 20 ms delay SSFNet Implementation Measured native https data suggests 4 traffic classes • Request • Text • Graphics • Heavy Built SSFNet model of real over cover flows based on real prototype implementation • Request size (both flows) sampled same distribution • Separate traffic type distribution assigned cover, real server

  10. Results Notable trends • Real text decreases with cover intensity • Others increase with cover intensity • Throughput degradation runs 65% - 85%

  11. Analytic Model • Using what we learned from simulation, what can we discover with a model? • Validation • Compare against simulation data • Slowdown • Ratio of time to deliver tunneled real traffic vs. native real traffic delivery • Stability • Whether cover traffic keep up with real traffic

  12. on off on off on off time Data Data Data Modeling Cover Sessions Simplify : imagine only response sessions Cover traffic behavior in time is “on-off” renewal

  13. on off on off on off time on off on off on off Off time distribution assumed to be exponential, mean time Data Data Data Modeling Cover Sessions Simplify : imagine only response sessions Cover traffic behavior in time is “on-off” renewal

  14. on off on off on off time Data Data Data On time comprised of random number of Kbytes • geometrically distributed, mean • transfer time per Kbyte Modeling Cover Sessions Simplify : imagine only response sessions Cover traffic behavior in time is “on-off” renewal on off on off on off time

  15. on off on off on off time Data Data Data Modeling Cover Sessions Simplify : imagine only response sessions Cover traffic behavior in time is “on-off” renewal on off on off on off time Random on time is scaled geometric, mean Renewal theory gives us Pr{state is “on”} = E[on] / (E[on]+E[off])

  16. Off time distribution assumed to be exponential, mean Modeling Real Sessions • Real sessions model users • Assume “think time” then interaction • Wait for interaction to complete real session off off time

  17. Modeling Real Sessions on on real session time cover session Multiple Components to the on time 1. time spent tunneling 2. real traffic arrives between cover sessions 3. real traffic overruns cover session Both 2 and 3 have to wait for new session

  18. Validation • Predictions of model validated against data gathered from simulator • Values of estimated from data • Important to understand that per kilobyte transfer costs depend on session lengths, background traffic---and are independent of tunneling • Can be obtained from • Network trace data • Detailed network simulation • Key thing is that these parameters don’t depend on tunneling…but can be used to explain tunneling

  19. Validation Results • Used SSFNet simulation to derive network parameters • % difference is very small • With accurate parameters from network • We use the model to predict mean delay

  20. Understanding Slowdown Slowdown = • Performance at extremes • Waiting time is minimized, slowdown due to • Slowdown due to waiting for cover session to begin and final one to end • All params equal, slowdown is ~3x • Sum of three geometrics: waiting, carrying, and final when

  21. Stability • If tunnel overhead is too large, real traffic will never catch up • Tunneling as a service: G/G/1 queue • Job inter-arrival time is a native real flow’s • Service Time is E[On] • Simplified param space: and

  22. Future Work • Finish real implementation and evaluation • Multiple cover sessions per real flow? • Trade-off between privacy and performance?

  23. Conclusions • Enhancing the privacy of encrypted traffic • Used simulation and modeling to understand effects • Use real traffic measurements to find params for model • Measurements don’t have any concept of tunneling • Simulation plus analytic model powerful But only together…

More Related