TY - GEN
T1 - On the Secrecy of Spread-Spectrum Flow Watermarks
AU - Luo, Xiapu
AU - Zhang, Junjie
AU - Perdisci, Roberto
AU - Lee, Wenke
PY - 2010/9/1
Y1 - 2010/9/1
N2 - Spread-spectrum flow watermarks offer an invisible and ready-to-use flow watermarking scheme that can be employed to stealthily correlate the two ends of a network communication. Such technique has wide applications in network security and privacy. Although several methods have been proposed to detect various flow watermarks, few can effectively detect spread-spectrum flow watermarks. Moreover, there is currently no solution that allows end users to eliminate spread-spectrum flow watermarks from their flows without the support of a separate network element. In this paper, we propose a novel approach to detect spread-spectrum flow watermarks by leveraging their intrinsic features. Contrary to the common belief that Pseudo-Noise (PN) codes can render flow watermarks invisible, we prove that PN codes actually facilitate their detection. Furthermore, we propose a novel method based on TCP’s flow-control mechanism that provides end users with the ability to autonomously remove spread-spectrum flow watermarks. We conducted extensive experiments on traffic flowing both through one-hop proxies in the PlanetLab network, and through Tor. The experimental results show that the proposed detection system can achieve up to 100% detection rate with zero false positives, and confirm that our elimination system can effectively remove spread-spectrum flow watermarks.
AB - Spread-spectrum flow watermarks offer an invisible and ready-to-use flow watermarking scheme that can be employed to stealthily correlate the two ends of a network communication. Such technique has wide applications in network security and privacy. Although several methods have been proposed to detect various flow watermarks, few can effectively detect spread-spectrum flow watermarks. Moreover, there is currently no solution that allows end users to eliminate spread-spectrum flow watermarks from their flows without the support of a separate network element. In this paper, we propose a novel approach to detect spread-spectrum flow watermarks by leveraging their intrinsic features. Contrary to the common belief that Pseudo-Noise (PN) codes can render flow watermarks invisible, we prove that PN codes actually facilitate their detection. Furthermore, we propose a novel method based on TCP’s flow-control mechanism that provides end users with the ability to autonomously remove spread-spectrum flow watermarks. We conducted extensive experiments on traffic flowing both through one-hop proxies in the PlanetLab network, and through Tor. The experimental results show that the proposed detection system can achieve up to 100% detection rate with zero false positives, and confirm that our elimination system can effectively remove spread-spectrum flow watermarks.
KW - PN
KW - Pseudo-Noise
KW - flow watermarking scheme
KW - invisible
KW - network communication
KW - network privacy
KW - network security
KW - spread-spectrum flow watermarks
UR - http://www.scopus.com/inward/record.url?scp=78049368157&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=78049368157&partnerID=8YFLogxK
UR - https://corescholar.libraries.wright.edu/cse/6
U2 - 10.1007/978-3-642-15497-3_15
DO - 10.1007/978-3-642-15497-3_15
M3 - Conference contribution
SN - 3642154964
SN - 9783642154966
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 232
EP - 248
BT - Computer Security, ESORICS 2010
A2 - Gritzalis, Dimitris
A2 - Preneel, Bart
A2 - Theoharidou, Marianthi
PB - Springer Verlag
T2 - 15th European Symposium on Research in Computer Security, ESORICS 2010
Y2 - 20 September 2010 through 22 September 2010
ER -