Statistical identification of encrypted Web browsing traffic

Statistical identification of encrypted Web browsing traffic

Encryption is often proposed as a tool for protecting the privacy of World Wide Web browsing. However, encryption-particularly as typically implemented in, or in concert with popular Web browsers-does not hide all information about the encrypted plaintext. Specifically, HTTP object count and sizes a...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Qixiang Sun, Simon, D.R., Yi-Min Wang, Russell, W., Padmanabhan, V.N., Lili Qiu
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Applied sciences
Chromium
Cryptography
Exact sciences and technology
Information, signal and communications theory
Privacy
Security
Signal and communications theory
Telecommunications
Telecommunications and information theory
Teleprocessing networks. Isdn
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Encryption is often proposed as a tool for protecting the privacy of World Wide Web browsing. However, encryption-particularly as typically implemented in, or in concert with popular Web browsers-does not hide all information about the encrypted plaintext. Specifically, HTTP object count and sizes are often revealed (or at least incompletely concealed). We investigate the identifiability of World Wide Web traffic based on this unconcealed information in a large sample of Web pages, and show that it suffices to identify a significant fraction of them quite reliably. We also suggest some possible countermeasures against the exposure of this kind of information and experimentally evaluate their effectiveness.
ISSN:1081-6011
1063-7109
2375-1207
DOI:10.1109/SECPRI.2002.1004359