TY - GEN
T1 - Low-cost side channel remote traffic analysis attack in packet networks
AU - Kadloor, Sachin
AU - Gong, Xun
AU - Kiyavash, Negar
AU - Tezcan, Tolga
AU - Borisov, Nikita
N1 - Copyright:
Copyright 2010 Elsevier B.V., All rights reserved.
PY - 2010
Y1 - 2010
N2 - This paper presents a dangerous low-cost traffic analysis attack in packet-based networks, such as the Internet. The attack is mountable in any scenario where a shared routing resource exists among users. A real-world attack successfully compromised the privacy of a user without requiring significant resources in terms of access, memory, or computational power. The effectiveness of our attack is demonstrated in a scenario where the user's DSL router uses an FCFS scheduling policy. Specifically, we show that by using a low-rate sequence of probes, a remote attacker can obtain significant traffic-timing and volume information about a particular user, just by observing the round trip time of the probes. We also observe that even when the scheduling policy is changed to round-robin, while the correlation reduces significantly, the attacker can still reliably deduce the user's traffic pattern. Most of the router scheduling policies designed to date are evaluated mostly on the metrics of throughput, delay and fairness. Our work aims to demonstrate a need for considering an additional metric that quantifies the information leak between the individual traffic flows through the router.
AB - This paper presents a dangerous low-cost traffic analysis attack in packet-based networks, such as the Internet. The attack is mountable in any scenario where a shared routing resource exists among users. A real-world attack successfully compromised the privacy of a user without requiring significant resources in terms of access, memory, or computational power. The effectiveness of our attack is demonstrated in a scenario where the user's DSL router uses an FCFS scheduling policy. Specifically, we show that by using a low-rate sequence of probes, a remote attacker can obtain significant traffic-timing and volume information about a particular user, just by observing the round trip time of the probes. We also observe that even when the scheduling policy is changed to round-robin, while the correlation reduces significantly, the attacker can still reliably deduce the user's traffic pattern. Most of the router scheduling policies designed to date are evaluated mostly on the metrics of throughput, delay and fairness. Our work aims to demonstrate a need for considering an additional metric that quantifies the information leak between the individual traffic flows through the router.
UR - http://www.scopus.com/inward/record.url?scp=77955359942&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=77955359942&partnerID=8YFLogxK
U2 - 10.1109/ICC.2010.5501972
DO - 10.1109/ICC.2010.5501972
M3 - Conference contribution
AN - SCOPUS:77955359942
SN - 9781424464043
T3 - IEEE International Conference on Communications
BT - 2010 IEEE International Conference on Communications, ICC 2010
T2 - 2010 IEEE International Conference on Communications, ICC 2010
Y2 - 23 May 2010 through 27 May 2010
ER -