Statistical identification of encrypted web browsing traffic

被引：172

作者：

Sun, QX ^{[1
]}

Simon, DR ^{[1
]}

Wang, YM ^{[1
]}

Russell, W ^{[1
]}

Padmanabhan, VN ^{[1
]}

Qiu, L ^{[1
]}

机构：

[1] Stanford Univ, Dept Comp Sci, Stanford, CA 94305 USA

来源：

2002 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS | 2002年

关键词：

D O I：

10.1109/SECPRI.2002.1004359

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Encryption is often Proposed as a tool for protecting the privacy of World Wide Web browsing. However, encryption-particularly as typically implemented in, or in concert with popular Web browsers-does not hide all information about the encrypted plaintext. Specifically, HTTP object count and sizes are often revealed (or at least incompletely concealed). We investigate the identifiability of World Wide Web traffic based on this unconcealed information in a large sample of Web pages, and show that it suffices to identify a significant fraction of them quite reliably. We also suggest some possible countermeasures against the exposure of this kind of information and experimentally evaluate their effectiveness.

引用

页码：19 / 30

页数：12

共 24 条

[1]

ACKOFF CW, 1993, P 25 ACM S THEOR COM

[2]

Allen C., 1999, RFC, DOI [DOI 10.17487/RFC2246, 10.17487/RFC2246]

[3]

BERTHOLD O, 2000, LNCS, V2009, P115, DOI DOI 10.1007/3-540-44702-4.7

[4]

Chaum D., 1988, Journal of Cryptology, V1, P65, DOI 10.1007/BF00206326

[5]

Chaum D., 1981, CACM

[6]

Cheng H., TRAFFIC ANAL SSL ENC

[7]

DANEZIS G, TRAFFIC ANAL TLS PRO

[8]

FELTEN EW, 2000, P ACM C COMP COMM SE

[9]

Fielding R., 1999, Tech. Rep

[10]

Freier AlanO., 1996, SSL PROTOCOL VERSION

← 1 2 3 →