Performance Analysis of Real Traffic Carried with Encrypted Cover Flows Nabil Schear David M. Nicol University of Illinois at Urbana-Champaign Department.

Performance Analysis of Real Traffic Carried with Encrypted Cover Flows
Nabil Schear, David M. Nicol
University of Illinois at Urbana-Champaign, Department of Computer Science, Information Trust Institute
4 June 2008

2 Network Session Encryption
SSL, IPsec: widespread use
–Provide strong confidentiality through encryption
–I depend on SSL daily…so probably do you!
But session encryption does not mask packet sizes and timing
–For performance reasons
Privacy can be breached by traffic analysis attacks

3 Traffic Analysis Example Attack
[Figure: your computer encrypts a request (GET /request?myacccount.Transfer.html) to an on-line bank; from the attacker’s vantage point only ciphertext is visible. Attacker’s reasoning: “Port: 443… Small message… Request!” The bank’s encrypted response, a page reading “Requested money transfer for the amount of $3000. Do you wish to accept?”, is recognised purely from its length: “Response of length … bytes… Fund Transfer Page!”]

4 Traffic Analysis Example Attack
[Same figure as slide 3]
Attacker saw no content BUT still knows what you did

5 Our Approach: Mimicry
Tunneling over independent cover traffic
–Independent packet size and timing
–Attacker can’t tell which packets have data and which are cover because of encryption
Use a model to generate plausible cover traffic
Who needs this?
–Spies, dissidents, whistle blowers, privacy advocates

6 Performance Analysis
Explore the properties of our technique with simulation and analytic modeling
Questions:
–Impact on user experience: delay and throughput?
–Overhead over standard transmission?
–Is this feasible with disparate traffic patterns?
Can we assess these impacts by using data-driven models of tunnel-free network behavior, and analytic models of tunneling?

7 Outline
Simulation
–Results
Analytic Model
–Evaluating delay and model validation
–Slowdown
–Stability
Future work and conclusions

8 Simulation Design
Use flows: model the system with request/response pairs (TCP)
Cover traffic runs continuously with delay between flows
Real traffic starts some time into the simulation
–Consumes as much space in cover messages as is available
–May have to wait for multiple cover sessions

9 SSFNet Implementation
[Topology figure: client, 1.5 Mbit/s link with 20 ms delay, 100 Mbit/s link with 50 ms delay, 1.5 Mbit/s link with 20 ms delay, server]
Measured native https data suggests 4 traffic classes
–Request
–Text
–Graphics
–Heavy
Built SSFNet model of real over cover flows based on real prototype implementation
Request size (both flows) sampled from the same distribution
Separate traffic-type distributions assigned to cover and real flows

10 Results
[Result plots did not survive extraction]
Notable trends
–Real text decreases with cover intensity
–Others increase with cover intensity
–Throughput degradation runs 65% - 85%

11 Analytic Model
Using what we learned from simulation, what can we discover with a model?
–Validation: compare against simulation data
–Slowdown: ratio of time to deliver tunneled real traffic vs. native real traffic delivery
–Stability: whether cover traffic keeps up with real traffic

12–15 Modeling Cover Sessions
Simplify: imagine only response sessions
Cover traffic behavior in time is “on-off” renewal
[Figure: timeline alternating on and off periods; data is carried only during on periods]
–Off time distribution assumed to be exponential with a given mean
–On time comprised of a random number of Kbytes, geometrically distributed with a given mean, times the transfer time per Kbyte
–Random on time is therefore scaled geometric with a given mean
–Renewal theory gives us Pr{state is “on”} = E[on] / (E[on]+E[off])

16 Modeling Real Sessions
Real sessions model users
–Assume “think time”, then an interaction
–Wait for the interaction to complete
[Figure: timeline of a real session, off (think) time followed by the interaction]
Off time distribution assumed to be exponential with a given mean

17 Modeling Real Sessions
[Figure: real session on time laid over the cover session on/off timeline]
Multiple components to the on time
1. time spent tunneling
2. real traffic arrives between cover sessions
3. real traffic overruns cover session
Both 2 and 3 have to wait for a new cover session
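An added example (not the paper’s code or its SSFNet model) that puts slides 12 to 17 and the slowdown ratio of slide 11 into runnable form: it generates on-off cover sessions with exponential off time and a geometric number of kilobytes on, checks the empirical Pr{on} against the renewal formula, and computes the delivery time of a real flow that must wait for a cover session, fill its free kilobyte slots and overrun into later sessions when it is too large. One kilobyte per fixed time slot, uniformly random real arrivals and all parameter values are assumptions of this example.

```python
import math
import random

def p_on(mean_on_kb, t_per_kb, mean_off):
    """Renewal-theory Pr{cover is on} = E[on] / (E[on] + E[off])."""
    return mean_on_kb * t_per_kb / (mean_on_kb * t_per_kb + mean_off)

def geometric_kb(mean_kb, rng):
    """Geometric kilobyte count on {1, 2, ...} with the given mean."""
    p = 1.0 / mean_kb
    return 1 if p >= 1.0 else 1 + int(math.log(1.0 - rng.random()) / math.log(1.0 - p))

def cover_sessions(n, mean_on_kb, t_per_kb, mean_off, rng):
    """n on-off cycles: exponential off time, then kb kilobytes at one per t_per_kb slot."""
    t, out = 0.0, []
    for _ in range(n):
        t += rng.expovariate(1.0 / mean_off)
        kb = geometric_kb(mean_on_kb, rng)
        out.append((t, kb))          # (session start time, kilobytes carried)
        t += kb * t_per_kb
    return out

def tunnel_delay(arrival, size_kb, sessions, t_per_kb):
    """Delivery time of a real flow that may only ride inside cover sessions (assumed slot model)."""
    remaining = size_kb
    for start, kb in sessions:
        if start + kb * t_per_kb <= arrival:
            continue  # this cover session ended before the real data arrived
        skipped = 0 if arrival <= start else math.ceil((arrival - start) / t_per_kb)
        carried = min(kb - skipped, remaining)
        if carried <= 0:
            continue  # arrived inside the last partial slot: wait for the next session
        remaining -= carried
        if remaining == 0:
            return start + (skipped + carried) * t_per_kb - arrival
    raise ValueError("cover traffic ran out before the real flow was delivered")

def simulate(n_flows, mean_on_kb, t_per_kb, mean_off, mean_real_kb, seed=1):
    """Monte Carlo: (empirical Pr{on}, mean slowdown = tunneled time / native time)."""
    rng = random.Random(seed)
    sessions = cover_sessions(20 * n_flows, mean_on_kb, t_per_kb, mean_off, rng)
    horizon = sessions[len(sessions) // 2][0]   # keep arrivals clear of the end
    total = 0.0
    for _ in range(n_flows):
        size = geometric_kb(mean_real_kb, rng)  # real flow size, geometric as in the slides
        total += tunnel_delay(rng.uniform(0.0, horizon), size, sessions, t_per_kb) / (size * t_per_kb)
    span = sessions[-1][0] + sessions[-1][1] * t_per_kb
    return sum(k for _, k in sessions) * t_per_kb / span, total / n_flows
```

Compare the first value returned by simulate with p_on for the same means to see the renewal formula hold; the second value is the mean slowdown that slide 20 reasons about analytically.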

18 Validation
Predictions of model validated against data gathered from simulator
–Parameter values estimated from data
–Important to understand that per-kilobyte transfer costs depend on session lengths and background traffic, and are independent of tunneling
Can be obtained from
–Network trace data
–Detailed network simulation
–Key thing is that these parameters don’t depend on tunneling…but can be used to explain tunneling

19 Validation Results
Used SSFNet simulation to derive network parameters
[Comparison table did not survive extraction]
% difference is very small
–With accurate parameters from network
We use the model to predict mean delay

20 Understanding Slowdown
Performance at extremes
–Waiting time is minimized, slowdown due to …
–Slowdown due to waiting for cover session to begin and final one to end
All params equal, slowdown is ~3x
–Sum of three geometrics: waiting, carrying, and final
Slowdown = … when …

21 Stability
If tunnel overhead is too large, real traffic will never catch up
Tunneling as a service: G/G/1 queue
–Job inter-arrival time is a native real flow’s …
–Service time is E[On]
Simplified parameter space: … and …

22 Future Work
Finish real implementation and evaluation
Multiple cover sessions per real flow?
Trade-off between privacy and performance?

23 Conclusions
Enhancing the privacy of encrypted traffic
Used simulation and modeling to understand effects
–Use real traffic measurements to find params for model
–Measurements don’t have any concept of tunneling
Simulation plus analytic model is powerful
But only together…