SSSS 2008 - Invited Talk: Performance Analysis of Real Traffic Carried with Encrypted Cover Flows

Invited Talk: Performance Analysis of Real Traffic Carried with Encrypted Cover Flows

David Nicol

Symposium on Simulation of Systems Security (SSSS'08) (SSSS 2008)
Crowne Plaza Ottawa Hotel, Ottawa, Canada, April 14 -17, 2008

Summary

Encrypted protocols are becoming more prevalent because of the growing use of e-commerce, anonymity services, and secure authentication. Likewise, traffic analysis is becoming more common because it is the only way to analyze encrypted communications. Though there are many valid uses for traffic analysis (such as network policy enforcement and intrusion detection), it can also be used to maliciously compromise the secrecy or privacy of a user. Because the secrecy of the payload of SSL communications is strongly protected by encryption, this work focuses on protecting the secrecy of the type and nature of the traffic by masking its behavior. With behavior obfuscation and strong encryption, SSL would provide a much stronger guarantee of message secrecy than it does currently. This talk presents an examination of the effects tunneling real traffic through cover flows which mask behavior. Through simulation and an analytical model we have investigated the effects on the user experience using disparate and similar traffic models. The point provides a novel context where we observe the synergy of simulation and analytic modeling. We show that a detailed simulation model of network traffic characteristics can be used to estimate the parameters of an analytic model of tunneling. We see that the the accuracy of the the model's predictions are directly dependent on the accuracy of parameters we obtain from the simulation. However, the simulation model does not need to have any concept of tunneling. Using simulation and analytic modeling together, we obtain an analysis whose whole is greater than the sum of the parts.

START Conference Manager (V2.54.5)