Title :
Active traffic analysis attacks and countermeasures
Author :
Fu, Xinwen ; Graham, Bryan ; Bettati, Riccardo ; Zhao, Wei
Author_Institution :
Dept. of Comput. Sci., Texas A&M Univ., College Station, TX, USA
Abstract :
To explore mission-critical information, an adversary using active traffic analysis attacks injects probing traffic into the victim network and analyzes the status of underlying payload traffic. Active traffic analysis attacks are easy to deploy and hence become a serious threat to mission critical applications. This paper suggests statistical pattern recognition as a fundamental technology to evaluate effectiveness of active traffic analysis attacks and corresponding countermeasures. Our evaluation shows that sample entropy of ping packets´ round trip time is an effective feature statistic to discover the payload traffic rate. We propose simple countermeasures that can significantly reduce the effectiveness of ping-based active traffic analysis attacks. Our experiments validate the effectiveness of this scheme, which can also be used in other scenarios.
Keywords :
Internet; computer networks; statistical analysis; telecommunication security; telecommunication traffic; Internet; active traffic analysis; attack analysis; countermeasures; mission-critical information; network security; payload traffic; statistical pattern recognition; Entropy; Information analysis; Information security; Internet; Mission critical systems; Pattern analysis; Payloads; Statistical analysis; Telecommunication traffic; Wire;
Conference_Titel :
Computer Networks and Mobile Computing, 2003. ICCNMC 2003. 2003 International Conference on
Print_ISBN :
0-7695-2033-2
DOI :
10.1109/ICCNMC.2003.1243024
