Internet Archive Scholar

Finding a Needle in a Haystack: The Traffic Analysis Version

Abdullah Qasem, Sami Zhioua, Karima Makhlouf
2019 Proceedings on Privacy Enhancing Technologies  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (2.3 MB)
https://web.archive.org/web/20201128095119/https://content.sciendo.com/downloadpdf/journals/popets/2019/2/article-p270.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL. The file type is application/pdf.

Traffic analysis is the process of extracting useful/sensitive information from observed network traffic. Typical use cases include malware detection and website fingerprinting attacks. High accuracy traffic analysis techniques use machine learning algorithms (e.g. SVM, kNN) and require to split the traffic into correctly separated blocks. Inspired by digital forensics techniques, we propose a new network traffic analysis approach based on similarity digest. The approach features several
more » ... ges compared to existing techniques, namely, fast signature generation, compact signature representation using Bloom filters, efficient similarity detection between packet traces of arbitrary sizes, and in particular dropping the traffic splitting requirement altogether. Experimental results show very promising results on VPN and malware traffic, but low results on Tor traffic due mainly to the single-size cells feature.
doi:10.2478/popets-2019-0030 dblp:journals/popets/QasemZM19 fatcat:wavpwb645vep7gindmgtdc5hdq
DOAJ
Citation

Abdullah Qasem, Sami Zhioua, Karima Makhlouf. "Finding a Needle in a Haystack: The Traffic Analysis Version." Proceedings on Privacy Enhancing Technologies 2019.2 (2019) 270-290