Performance of Traffic Through Correlation True and False Positive by Using Watermarking

Tracing attackers' traffic through stepping stones is a challenging problem, especially when the attack traffic is encrypted, and its timing is manipulated (perturbed) to interfere with traffic analysis. The random timing perturbation by the adversary can greatly reduce the effectiveness of passive, timing-based correlation techniques. The authors presented a novel active timing-based correlation approach to deal with random timing perturbations. By embedding a unique watermark into the inter-packet timing, with sufficient redundancy, they can make the correlation of encrypted flows substantially more robust against random timing perturbations. Their analysis and their experimental results confirm these assertions.

Provided by: International Journal on Computer Science and Technology (IJCST) Topic: Security Date Added: Mar 2012 Format: PDF

Find By Topic