BIT-TRAPS: Building information-theoretic traffic privacy into packet streams

Suhas Mathur, Wade Trappe

Research output: Contribution to journal › Article

9 Scopus citations

Abstract

Sniffing encrypted data packets traveling across networks can often be useful in inferring nontrivial information about their contents because of the manner in which the transmission of such packets is handled by lower layers in the communications protocol stack. In this paper, we formally study the side-channel formed by variable packet sizes, and explore obfuscation approaches to prevent information leakage while jointly considering the practical cost of obfuscation. We show that randomized algorithms for obfuscation perform best and can be studied as well-known information-theoretic constructs, such as discrete channels with and without memory. We envision a separate layer called a Bit-Trap, that employs buffering and bit-padding as orthogonal methods for obfuscating such side channels. For streams of packets, we introduce the use of mutual-information rate as an appropriate metric for the level of obfuscation that captures nonlinear relationships between original and modified streams. Using buffering-delay and average bit-padding as the respective costs, a Bit-Trap formulates a constrained optimization problem with bounds on the average costs, to implement the best possible obfuscation policy. We find that combining small amounts of delay and padding together can create much more obfuscation than either approach alone, and that a simple convex trade-off exists between buffering delay and padding for a given level of obfuscation.

Original language: English (US)
Article number: 5953511
Pages (from-to): 752-762
Number of pages: 11
Journal: IEEE Transactions on Information Forensics and Security
Volume: 6
Issue number: 3 PART 1
State: Published - Sep 1 2011
Externally published: Yes

All Science Journal Classification (ASJC) codes

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications

Keywords

  • Computer networks
  • data privacy
  • information security
  • mutual information
