commit da2d7948c745bf7e9e74d450eba518010002e853 Author: Karsten Loesing karsten.loesing@gmx.net Date: Wed Aug 22 08:52:53 2012 +0200
Turn manual bibliography into BibTeX and footnotes. --- 2012/morpher/morpher.bib | 44 +++++++++++++++++++++++++ 2012/morpher/morpher.tex | 80 ++++++++++++++-------------------------------- 2 files changed, 68 insertions(+), 56 deletions(-)
diff --git a/2012/morpher/morpher.bib b/2012/morpher/morpher.bib new file mode 100644 index 0000000..7fa7712 --- /dev/null +++ b/2012/morpher/morpher.bib @@ -0,0 +1,44 @@ +@inproceedings{ll, + title = {{Inferring the Source of Encrypted HTTP Connections}}, + author = {Marc Liberatore and Brian Neil Levine}, + booktitle = {Proceedings of the 13th ACM conference on Computer and Communications + Security (CCS 2006)}, + year = {2006}, + month = {October}, + pages = {255--263}, + note = {\url{http://freehaven.net/anonbib/#Liberatore:2006%7D%7D, +} + +@inproceedings{herrmann, + title = {Website fingerprinting: attacking popular privacy enhancing technologies with + the multinomial na"{\i}ve-bayes classifier}, + author = {Dominik Herrmann and Rolf Wendolsky and Hannes Federrath}, + booktitle = {Proceedings of the 2009 ACM workshop on Cloud computing security (CCSW + '09)}, + year = {2009}, + address = {New York, NY, USA}, + pages = {31--42}, + publisher = {ACM}, + note = {\url{http://freehaven.net/anonbib/#ccsw09-fingerprinting%7D%7D, +} + +@inproceedings{panchenko, + title = {Website Fingerprinting in Onion Routing Based Anonymization Networks}, + author = {Andriy Panchenko and Lukas Niessen and Andreas Zinnen and Thomas Engel}, + booktitle = {Proceedings of the Workshop on Privacy in the Electronic Society (WPES 2011)}, + year = {2011}, + month = {October}, + publisher = {ACM}, + note = {\url{http://freehaven.net/anonbib/#wpes11-panchenko%7D%7D, +} + +@inproceedings{tm, + title = {Traffic Morphing: An efficient defense against statistical traffic analysis}, + author = {Charles Wright and Scott Coull and Fabian Monrose}, + booktitle = {Proceedings of the Network and Distributed Security Symposium - {NDSS} '09}, + year = {2009}, + month = {February}, + publisher = {IEEE}, + note = {\url{http://freehaven.net/anonbib/#morphing09%7D%7D, +} + diff --git a/2012/morpher/morpher.tex b/2012/morpher/morpher.tex index 43442df..d1ee1de 100644 --- a/2012/morpher/morpher.tex +++ b/2012/morpher/morpher.tex @@ -23,19 +23,20 @@ sized Tor cells, most TCP packets of Tor traffic are 586 bytes in size \begin{center} \includegraphics[width=\textwidth]{tor_cs.pdf} \end{center} -\caption{Packet size probability distribution of Tor Client-to-Server traffic \cite{caida}} +\caption{Packet size probability distribution of Tor Client-to-Server traffic} \label{tor_cs.pdf} \end{figure}
-On the other hand, HTTPS, the protocol that Tor tries to simulate -\cite{tls_norm}, has a much more spread out packet size probability +On the other hand, HTTPS, the protocol that Tor tries to simulate,% +\footnote{\url{https://lists.torproject.org/pipermail/tor-dev/2011-January/001077.html%7D%7... +has a much more spread out packet size probability distribution (See Figure \ref{https_cs.pdf})
\begin{figure}[h] \begin{center} \includegraphics[width=\textwidth]{https_cs.pdf} \end{center} -\caption{Packet size probability distribution of HTTPS Client-to-Server traffic \cite{caida}} +\caption{Packet size probability distribution of HTTPS Client-to-Server traffic} \label{https_cs.pdf} \end{figure}
@@ -49,7 +50,11 @@ to Tor.
Some network protocols already use padding to defend against traffic fingerprinting attacks. SSH and TLS, for example, both support padding -in their messages \cite{ssh} \cite{gnutls}. Most implementations of +in their messages% +\footnote{\url{https://www.ietf.org/rfc/rfc4344.txt%7D%7D% +\textsuperscript{,}% +\footnote{\url{https://www.gnu.org/software/gnutls/manual/gnutls.html%5C#On-Record-Padding%.... +Most implementations of those protocols don't pad by default. The ones that do, add a random amount of padding to the protocol message.
@@ -139,7 +144,11 @@ is what they did in their implementation.
Unfortunately, the splitting problem of the previous section is not only theoretical. To evaluate the bandwidth overhead of morphing -matrices, we made software \cite{morpher_eval} that simulates the +matrices, we made software% +\footnote{\url{https://trac.torproject.org/projects/tor/ticket/5023%7D%7D% +\textsuperscript{,}% +\footnote{\url{https://lists.torproject.org/pipermail/tor-dev/2011-January/001077.html%7D%7... +that simulates the morphing of a large number of packets. Specifically, our software morphs 500000 packets using both random sampling and traffic morphing, and plots the overhead. (In traffic morphing, we use random sampling @@ -245,60 +254,19 @@ with better resistance against payload fingerprinting, which we think real-life attackers are likely to do, and also pluggable transports which can get through HTTP proxy servers.
-\section{Acknowledgments} +\section*{Acknowledgments}
Thanks to Steven J. Murdoch and the Tor Project for the fruitful conversations on packet size pluggable transports.
-\bibliographystyle{plain} -\begin{thebibliography}{9} +The packet length probability distributions were formed after +analysis of traffic traces kindly provided by CAIDA. The traffic +traces were captured by monitoring an Equinix datacenter in Chicago, +IL.% +\footnote{\url{https://gitorious.org/morpher/morpher/blobs/master/ACKNOWLEDGMENTS%7D%7D% +\textsuperscript{,}% +\footnote{\url{https://gitorious.org/morpher/morpher/trees/master/data%7D%7D
-\bibitem{ssh} - \url{https://www.ietf.org/rfc/rfc4344.txt%7D - -\bibitem{gnutls} - \url{https://www.gnu.org/software/gnutls/manual/gnutls.html%5C#On-Record-Padding%... - -\bibitem{ll} - M. Liberatore, B. N. Levine, \textit{Inferring the Source - of Encrypted HTTP Connections}, CCS2006, October 2006. - -\bibitem{herrmann} - Dominik Herrmann, Rolf Wendolsky, and Hannes - Federrath. 2009. Website fingerprinting: attacking popular privacy - enhancing technologies with the multinomial naïve-bayes classifier. - -\bibitem{tls_norm} - \url{https://lists.torproject.org/pipermail/tor-dev/2011-January/001077.html%7D - -\bibitem{morpher_eval} - \textit{Morpher pluggable transport: Select algorithm for packet size morphing} - - \url{https://trac.torproject.org/projects/tor/ticket/5023%7D - - \url{https://lists.torproject.org/pipermail/tor-dev/2011-January/001077.html%7D - -\bibitem{panchenko} - Andriy Panchenko, Lukas Niessen, Andreas Zinnen, and Thomas - Engel. 2011. \textit{Website fingerprinting in onion routing based - anonymization networks}. - -\bibitem{tm} - Charles Wright, Scott Coulls, Fabian Monrose. \textit{Traffic - Morphing: An efficient defense against statistical traffic - analysis.} In Proceedings of the 14th Annual Network and - Distributed Systems Symposium (NDSS), Feb, 2009. - -\bibitem{caida} - The packet length probability distributions were formed after - analysis of traffic traces kindly provided by CAIDA. The traffic - traces were captured by monitoring an Equinix datacenter in Chicago, - IL. - - \url{https://gitorious.org/morpher/morpher/blobs/master/ACKNOWLEDGMENTS%7D - - \url{https://gitorious.org/morpher/morpher/trees/master/data%7D - -\end{thebibliography} +\bibliography{morpher}
\end{document}