traffic analysis
play

Traffic Analysis The Most Powerful and Least Understood Attack - PowerPoint PPT Presentation

Jan 03, 2023 •204 likes •355 views

Traffic Analysis The Most Powerful and Least Understood Attack Methods Raven Alder, Riccardo Bettati, Jon Callas, Nick Matthewson 1 What is Traffic Analysis? Signals intelligence that ignores content Information for analysis is the

  1. Traffic Analysis The Most Powerful and Least Understood Attack Methods Raven Alder, Riccardo Bettati, Jon Callas, Nick Matthewson 1

  2. What is Traffic Analysis? • Signals intelligence that ignores content • Information for analysis is the metadata • “Traffic analysis, not cryptanalysis, is the backbone of communications intelligence.” Susan Landau and Whitfield Diffie. 2

  3. Interesting Metadata • Endpoint addresses • Timing – Duration – Sequencing • Location? • etc. 3

  4. Why is it important? • The title of the panel says it all – We are going to startle you • Everyone needs to think differently – Often we’re protecting the wrong thing – TA shows the limits of possible defense • Potential for new research and creativity 4

  5. Historic Uses • Finding size, scope, intentions of military • Marketing research • Reconfigure networks 5

  6. Why do this? • Crypto • Too much data, already • It’s easier than analyzing everything • It’s hard to defend against 6

  7. Defenses • Include – Don’t communicate – Don’t be seen communicating • Spread Spectrum, etc. – Insert false communications • Naïve defenses often worse than nothing – Everything you know about this is wrong 7

  8. What can we do? • Determine alert status of military – Notorius “Domino’s Metric” • Identify authors of text – “Primary Colors” break against Joe Klein • Crack SSH passwords – Timing Analysis of Keystrokes and Timing Attacks on SSH [Usenix 2001] 8

  9. What more can we do? • Identify OS of remote hosts • Identify host as it moves around the net • Correlate virtual-to-physical hosts • Unravel mix nextworks 9

  10. What else can we do? • Remove text redacting – http://cryptome.org/cia-decrypt.htm • Identify movies being played – http://www.cs.washington.edu/research/security/ usenix07devices.pdf • Identify music being downloaded / played – CDDB finds albums with TA-like methods 10

  11. And even more • De-multiplex IPsec tunnels • Spatially locate hosts • Voice analysis of some speech patterns • Analysis of social networks • Google PageRank • nmap, p0f • Credit card fraud detection 11

  12. Open Questions? • How do we guard against TA? • How do we use TA? – Can it be used against spam, botnets? – Are there offensive and defensive uses? 12

  13. Additional Reading • “Introducing Traffic Analysis” by George Danezis – http://homes.esat.kuleuven.be/~gdanezis/TAIntro- book.pdf – http://homes.esat.kuleuven.be/~gdanezis/talks/TAIntro- prez.pdf – http://one.revver.com/watch/147903 13

  14. 14

Recommend

using Traffic Analysis Attacks Salini S K What is Traffic Analysis What is Traffic Analysis

using Traffic Analysis Attacks Salini S K What is Traffic Analysis What is Traffic Analysis

Website Fingerprinting using Traffic Analysis Attacks Salini S K What is Traffic Analysis What is Traffic Analysis Wiki says What is Traffic Analysis Wiki says Process of intercepting and examining messages in order to deduce

1.15k views • 41 slides
Interactive traffic analysis and Interactive traffic analysis and visualization with Wisconsin

Interactive traffic analysis and Interactive traffic analysis and visualization with Wisconsin

Interactive traffic analysis and Interactive traffic analysis and visualization with Wisconsin Netpy visualization with Wisconsin Netpy Cristian Estan, Garret Magin University of Wisconsin-Madison USENIX LISA, 19 December 2005 Traffic

345 views • 18 slides
1 THE ANALYSIS OF TRAFFIC SAFETY THE ANALYSIS OF TRAFFIC SAFETY 3. Classification of stop

1 THE ANALYSIS OF TRAFFIC SAFETY THE ANALYSIS OF TRAFFIC SAFETY 3. Classification of stop

AGENDA AGENDA 1. The role and significance of public transport and tram transport in urban areas 2. Goal and stages of the study 1 THE ANALYSIS OF TRAFFIC SAFETY THE ANALYSIS OF TRAFFIC SAFETY 3. Classification of stop stations at tram stops

169 views • 4 slides
Traffic Classifier Real Time Classification and Analysis of T1/E1 Traffic 818 West Diamond Avenue

Traffic Classifier Real Time Classification and Analysis of T1/E1 Traffic 818 West Diamond Avenue

Traffic Classifier Real Time Classification and Analysis of T1/E1 Traffic 818 West Diamond Avenue - Third Floor, Gaithersburg, MD 20878 Phone: (301) 670-4784 Fax: (301) 670-9187 Email: info@gl.com Website: http://www.gl.com 1 1 Traffic

228 views • 11 slides
ICmyNet.Flow: NetFlow based traffic investigation analysis traffic investigation, analysis, and

ICmyNet.Flow: NetFlow based traffic investigation analysis traffic investigation, analysis, and

ICmyNet.Flow: NetFlow based traffic investigation analysis traffic investigation, analysis, and reporting Slavko Gajin slavko.gajin@ rcub.bg.ac.rs AMRES Academic Network of Serbia RCUB - Belgrade University Computer Center ETF

641 views • 46 slides
Network Traffic Characterization Srinidhi Varadarajan Traffic Analysis: Introduction

Network Traffic Characterization Srinidhi Varadarajan Traffic Analysis: Introduction

Network Traffic Characterization Srinidhi Varadarajan Traffic Analysis: Introduction Youve just invented the greatest protocol does everything including tying your shoelaces. What now? Need to know how it performs. Is it

510 views • 13 slides
High Speed Traffic Analysis for High-Speed Traffic Analysis for Security: Challenges &

High Speed Traffic Analysis for High-Speed Traffic Analysis for Security: Challenges &

High Speed Traffic Analysis for High-Speed Traffic Analysis for Security: Challenges & Approaches Security: Challenges & Approaches C-DAC Asia-Pacific Advanced Network 32 nd Meeting, India Habitat Centre, New Delhi APAN 32nd Meeting,

647 views • 28 slides
my.SWISSTRAFFIC Automated Traffic Collection & Analysis FULLY AUTOMATED TRAFFIC DATA

my.SWISSTRAFFIC Automated Traffic Collection & Analysis FULLY AUTOMATED TRAFFIC DATA

my.SWISSTRAFFIC Automated Traffic Collection & Analysis FULLY AUTOMATED TRAFFIC DATA COLLECTION AND ANALYTICS There is a high demand for reliable Traffic Data but Static data single-purpose data Invasive costly deployment &

404 views • 18 slides
ANALYSIS ETI2506 Sunday, 23 October 2016 1 WHERE ARE WE IN THE CURRICULUM? 2 GOAL OF TRAFFIC

ANALYSIS ETI2506 Sunday, 23 October 2016 1 WHERE ARE WE IN THE CURRICULUM? 2 GOAL OF TRAFFIC

IN INTRODUCTION TO TRAFFIC ANALYSIS ETI2506 Sunday, 23 October 2016 1 WHERE ARE WE IN THE CURRICULUM? 2 GOAL OF TRAFFIC ANALYSIS 1. Except for user terminals, the telephone network is composed of a variety of common 45 Trunks equipment

385 views • 17 slides
Internet Traffic: Analysis, Modeling with real-world aspects Pierre B ORGNAT CNRS ENS Lyon,

Internet Traffic: Analysis, Modeling with real-world aspects Pierre B ORGNAT CNRS ENS Lyon,

Traffic Measurement Analysis & Robust Methods Modeling Anomaly Detection Traffic Classification Conclusion + Internet Traffic: Analysis, Modeling with real-world aspects Pierre B ORGNAT CNRS ENS Lyon, Laboratoire de Physique (UMR

716 views • 60 slides
Road traffic safety analysis at U-turns on Thai highways using Traffic Conflict Technique at

Road traffic safety analysis at U-turns on Thai highways using Traffic Conflict Technique at

A presentation on Road traffic safety analysis at U-turns on Thai highways using Traffic Conflict Technique at ICTCT workshop 2014 Karlsruhe, Germany 16 th Oct 2014 Presented by: Inder Pal MEEL ipmeel@gmail.com 2014-10-16 Contents

417 views • 29 slides
Rendezvous-based Traffic Rendezvous-based Traffic Classification, Measurement, Classification,

Rendezvous-based Traffic Rendezvous-based Traffic Classification, Measurement, Classification,

Rendezvous-based Traffic Rendezvous-based Traffic Classification, Measurement, Classification, Measurement, and Analysis and Analysis ISC/CAIDA Data Collaboration Workshop October 22, 2012 David Plonka & Paul Barford

1.33k views • 26 slides
Broadband traffic analysis (update) Kensuke Fukuda (NII) Kenjiro Cho (IIJ) Hiroshi Esaki

Broadband traffic analysis (update) Kensuke Fukuda (NII) Kenjiro Cho (IIJ) Hiroshi Esaki

Broadband traffic analysis (update) Kensuke Fukuda (NII) Kenjiro Cho (IIJ) Hiroshi Esaki (u-tokyo) Akira Kato (u-tokyo) Outline Macro-level residential user traffic traffic pattern and growth Flow-level residential user traffic

550 views • 24 slides
Probably the worlds best stateful traffic generation and analysis platform 2 1 2 4 5 3

Probably the worlds best stateful traffic generation and analysis platform 2 1 2 4 5 3

1 Probably the worlds best stateful traffic generation and analysis platform 2 1 2 4 5 3 OVERVIEW TYPES OF TESTS HARDWARE SOFTWARE KEY FEATURES LEARN MORE 3 OVERVIEW Vulcan generates stateful Ethernet traffic to analyze how

349 views • 34 slides
Probably the worlds best stateless traffic generation and analysis platform 2 1 2 4 5 6

Probably the worlds best stateless traffic generation and analysis platform 2 1 2 4 5 6

1 Probably the worlds best stateless traffic generation and analysis platform 2 1 2 4 5 6 3 OVERVIEW TYPES OF TESTS HARDWARE SOFTWARE AUTOMATION KEY FEATURES LEARN MORE 3 OVERVIEW Valkyrie is a full-featured stateless traffic

720 views • 43 slides
Modelling Traffic on Motorways: State-of-the-Art, Numerical Data Analysis, and Dynamic Traffic

Modelling Traffic on Motorways: State-of-the-Art, Numerical Data Analysis, and Dynamic Traffic

Modelling Traffic on Motorways: State-of-the-Art, Numerical Data Analysis, and Dynamic Traffic Assignment Sven Maerivoet sven.maerivoet@esat.kuleuven.be Department of Electrical Engineering ESAT-SCD (SISTA) Katholieke Universiteit Leuven

526 views • 50 slides
Internet traffic measurements Renata Teixeira (Inria) Why measure traffic? Performance

Internet traffic measurements Renata Teixeira (Inria) Why measure traffic? Performance

Internet traffic measurements Renata Teixeira (Inria) Why measure traffic? Performance analysis Anomaly and intrusion detec=on Network engineering Traffic at different granulari=es IP-level packets Capture per-packet

539 views • 40 slides
Towards Provable Network Traffic Measurement and Analysis via Semi-Labeled Trace Datasets

Towards Provable Network Traffic Measurement and Analysis via Semi-Labeled Trace Datasets

Towards Provable Network Traffic Measurement and Analysis via Semi-Labeled Trace Datasets Network Traffic Measurement and Analysis Conference (TMA 2018) June 28, 2018 Milan Cermak et al. Institute of Computer Science, Masaryk University, Brno

575 views • 25 slides
Network Traffic Analysis & Cluster Analysis Exploring Hadoop Clusters using Free Tools

Network Traffic Analysis & Cluster Analysis Exploring Hadoop Clusters using Free Tools

Network Traffic Analysis & Cluster Analysis Exploring Hadoop Clusters using Free Tools Background and Goals: Apache Spot was started recently DNS, Netflow, PCAP data is analyzed The goal is to identify: suspicous

644 views • 19 slides
Internet Traffic Analysis: Mohammed Alasmar Co Cosen ener ers, , 2019 2019

Internet Traffic Analysis: Mohammed Alasmar Co Cosen ener ers, , 2019 2019

19 Internet Traffic Analysis: Mohammed Alasmar Co Cosen ener ers, , 2019 2019 https://ieeexplore.ieee.org/document/8737483 Motivations Reliable traffic modelling is important for network planning, deployment and management;

447 views • 29 slides
WI 35 / Tower Ave Traffic Analysis WI 105 / 61 st Street to 56 th Street Metropolitan Interstate

WI 35 / Tower Ave Traffic Analysis WI 105 / 61 st Street to 56 th Street Metropolitan Interstate

WI 35 / Tower Ave Traffic Analysis WI 105 / 61 st Street to 56 th Street Metropolitan Interstate Council February 15, 2017 Agenda Project Overview Kwik Trip Development Analysis Results Recommendations Next Steps

251 views • 10 slides
Heavy-traffic analysis of the M/PH/1 discriminatory processor sharing queue with phase-dependent

Heavy-traffic analysis of the M/PH/1 discriminatory processor sharing queue with phase-dependent

Heavy-traffic analysis of the M/PH/1 discriminatory processor sharing queue with phase-dependent weights Maaike Verloop (CWI) Urtzi Ayesta (CNRS-LAAS & BECAM) Sindo N u nez-Queija (University of Amsterdam & CWI) Heavy-traffic

740 views • 48 slides
ECONOMIC IMPACT ANALYSIS OF MARITIME TRAFFIC ACROSS THE MALTESE ISLANDS THE PROJECT ABOUT

ECONOMIC IMPACT ANALYSIS OF MARITIME TRAFFIC ACROSS THE MALTESE ISLANDS THE PROJECT ABOUT

ECONOMIC IMPACT ANALYSIS OF MARITIME TRAFFIC ACROSS THE MALTESE ISLANDS THE PROJECT ABOUT POLLUTION THE METHOD WHY The project idea is to create operational tools to support local administrators and operators of maritime traffic.

152 views • 11 slides
Structural Analysis of Network Traffic Flows Eric Kolaczyk Anukool Lakhina, Dina Papagiannaki,

Structural Analysis of Network Traffic Flows Eric Kolaczyk Anukool Lakhina, Dina Papagiannaki,

Structural Analysis of Network Traffic Flows Eric Kolaczyk Anukool Lakhina, Dina Papagiannaki, Mark Crovella, Christophe Diot, and Nina Taft Traditional Network What ISPs Care Traffic Analysis About Focus on Focus on Long,

1.09k views • 46 slides

More recommend