Traffic masking in IPsec: Architecture and implementation

Csaba, Kiraly [Király, Csaba (Számítógép-hálózatok), szerző]; Giuseppe, Bianchi; Fabrizio, Formisano; Simone, Teofili; Renato, Lo Cigno

Angol nyelvű Tudományos Konferenciaközlemény (Könyvrészlet)
    Protection from statistical traffic analysis attacks calls for effective design of Traffic Flow Confidentiality (TFC) mechanisms. These are devised to alter the traffic pattern in order to hide information about contents transmitted, which, despite encryption, can be revealed by malicious users through statistical analysis. Widespread diffusion of these mechanisms requires embedding them in widely deployed protocols. This paper proposes an IPsec based framework aimed at enforcing TFC. This is characterized by two key components: i) a module designed to enforce packet padding, fragmentation, dummy packet generation, and artificial alteration of the packet forwarding delay, and ii) a TFC header devised to carry information across the IPsec tunnel to allow packet handling at the receiver side. The proposed approach has been implemented in a Linux 2.6 Kernel, and preliminary experimental results are reported to show its operation.
    Hivatkozás stílusok: IEEEACMAPAChicagoHarvardCSLMásolásNyomtatás
    2021-05-06 20:52