EQPO: obscuring encrypted web traffic with equal-sized pseudo-objects. (English) Zbl 1409.94908

Lin, Dongdai (ed.) et al., Information security and cryptology. 11th international conference, Inscrypt 2015, Beijing, China, November 1–3, 2015. Revised selected papers. Cham: Springer. Lect. Notes Comput. Sci. 9589, 227-245 (2016).
Summary: Internet users are concerned with their private web browsing behaviors. Browsing a webpage introduces a typical request-response-based network traffic which is associated with the structure of corresponding HTML document. This may make the traffic of a specified webpage demonstrate different features from others even when the traffic is encrypted. Traffic analysis techniques can be used to extract those features to identify that webpage, and hence the webpages the user visited could be disclosed though they might be encrypted. In this paper, we propose EQPO, a method to defend against traffic analysis by obscuring web traffic with EQual-sized pseudo-objects. A pseudo-object is composed by some original objects, object fragments, or padding octets. We define a structure of EQPO-enabled HTML document to force object requests and responses be on pseudo-objects. For a webpage set, by equalizing the sizes of pseudo-objects and the numbers of pseudo-objects requests in each webpage, we can make the traffic for those webpages with no identifiable features. We have implemented a proof of concept prototype and validate the proposed countermeasure with some state of the art traffic analysis techniques.
For the entire collection see [Zbl 1337.94003].


94A60 Cryptography
68M11 Internet topics


Full Text: DOI