Towards Language-Based Mitigation of Traffic Analysis Attacks

Research output: Contribution to conferencePaperResearchpeer-review

Documents

  • selene

    Accepted manuscript, 459 KB, PDF document

Traffic analysis attacks pose a major risk for online security. Distinctive patterns in communication act as fingerprints, enabling adversaries to de-anonymise communicating parties or to infer sensitive information.
Despite the attacks being known for decades, practical solution are scarce. Network layer countermeasures have relied on black box padding schemes that require significant overheads in latency and bandwidth to mitigate the attacks, without fundamentally preventing them, and the problem has received little attention in the language-based information flow literature. Language-based methods provide a strong foundation for fundamentally addressing security issues, but previous work has overwhelmingly assumed that interactive programs communicate over secure channels, where messages are undetectable by unprivileged adversaries. This assumption is too strong for online communication where packets can be trivially observed by eavesdropping.
In this paper we introduce SELENE, a small language for principled, provably secure communication over channels where packets are publicly observable, and we demonstrate how our program level defence can reduce the latency and bandwidth overheads induced compared with program-agnostic defence mechanisms. We believe that our results constitute a step towards practical, secure online communication.
Original languageEnglish
Publication year2021
Number of pages22
Publication statusPublished - 2021
Event34th IEEE Computer Security Foundations Symposium - Virtual, Online, United States
Duration: 21 Jun 202124 Jun 2021
Conference number: 34
https://www.ieee-security.org/TC/CSF2021/

Conference

Conference34th IEEE Computer Security Foundations Symposium
Number34
LocationVirtual
CountryUnited States
CityOnline
Period21/06/202124/06/2021
Internet address

    Research areas

  • Traffic analysis, noninterference, language-based security

See relations at Aarhus University Citationformats

ID: 223915847