A Game-Theoretically Optimal Defense Paradigm against Traffic Analysis Attacks using Multipath Routing and Deception

Masoumeh Abolfathi, Ilan Shomorony, Alireza Vahid, Jafar Haadi Jafarian

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

While encryption can protect network traffic against simple on-path eavesdropping attacks, it cannot prevent sophisticated traffic analysis (TA) attacks from inferring sensitive information. TA attackers utilize machine learning algorithms to learn the traffic patterns of a communication (e.g., a website visit) and then use these learned patterns to accurately identify similar communications (which website is being visited by a targeted user), even though packets are encrypted. In this paper, we propose a novel and effective defense approach to protect users' privacy against TA attacks. The proposed approach is based on two proactive defense paradigms: multipath routing and deception. The route randomization strategy distributes packets of a flow on multiple paths between a source and destination to restrict the amount of traffic that a TA adversary can collect from a flow. The deception strategy augments the randomization strategy by injecting fake packets among the real packets of a flow on different paths. Our focal research problem is to identify the optimal strategies for how real and fake packets must be distributed on multiple paths with different capacities to achieve maximum effectiveness against TA attacks. We formalize the problem as a zero-sum game and show that the water-filling distribution of real and fake packets provides an optimal defense solution. Through theoretical and experimental studies, we demonstrate that the proposed approach can significantly degrade the accuracy of the TA attacks. Unlike other defensive approaches in the literature, our approach works without manipulating the production traffic (e.g., delaying packets or padding), or requiring any real-time information about the protected traffic flows.

Original languageEnglish (US)
Title of host publicationSACMAT 2022 - Proceedings of the 27th ACM Symposium on Access Control Models and Technologies
PublisherAssociation for Computing Machinery
Pages67-78
Number of pages12
ISBN (Electronic)9781450393577
DOIs
StatePublished - Jun 7 2022
Event27th ACM Symposium on Access Control Models and Technologies, SACMAT 2022 - Virtual, Online, United States
Duration: Jun 8 2022Jun 10 2022

Publication series

NameProceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

Conference

Conference27th ACM Symposium on Access Control Models and Technologies, SACMAT 2022
Country/TerritoryUnited States
CityVirtual, Online
Period6/8/226/10/22

Keywords

  • cyber deception
  • machine learning
  • multipath routing
  • traffic analysis
  • water-filling

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality
  • Information Systems

Fingerprint

Dive into the research topics of 'A Game-Theoretically Optimal Defense Paradigm against Traffic Analysis Attacks using Multipath Routing and Deception'. Together they form a unique fingerprint.

Cite this