Traffic analysis and its impact on user privacy
Event details
| Date | 25.06.2018 |
| Hour | 13:00 › 15:00 |
| Speaker | Sandra Deepthy Siby |
| Location | |
| Category | Conferences - Seminars |
EDIC candidacy exam
Exam president: Prof. Jean-Pierre Hubaux
Thesis advisor: Prof. Carmela Troncoso
Co-examiner: Prof. Katerina Argyraki
Abstract
The Domain Name Service (DNS) is ubiquitous in today's Internet infrastructure. However, a vast majority of DNS queries are sent in plaintext, posing a privacy threat. DNS-over-TLS and DNS-over-HTTPS are two protocols that intend to provide better privacy by encrypting the communication between clients and DNS recursive resolvers. Our research goal is toevaluate the effectiveness of TLS- based solutions for DNS privacy by determining whether it is possible to fingerprint and identify webpages from encrypted DNS traffic.
In this proposal, we describe three existing works in the area of traffic analysis. The first paper investigates the effectiveness of popular countermeasures against traffic analysis attacks. The second paper examines the vulnerability of HTTPS to traffic analysis. The third paper studies the feasibility of performing behavior-based tracking using DNS traffic. Finally, we use insights from these papers to outline our
research plan.
Background papers
Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail, by Dyer, K., P. et al.
I Know Why You Went to the Clinic: Risks and Realization of HTTPS Traffic Analysis, by Miller, B., et al.
Behavior-based tracking: Exploiting characteristic patterns in DNS traffic, by Herrmann, D., et al.
Exam president: Prof. Jean-Pierre Hubaux
Thesis advisor: Prof. Carmela Troncoso
Co-examiner: Prof. Katerina Argyraki
Abstract
The Domain Name Service (DNS) is ubiquitous in today's Internet infrastructure. However, a vast majority of DNS queries are sent in plaintext, posing a privacy threat. DNS-over-TLS and DNS-over-HTTPS are two protocols that intend to provide better privacy by encrypting the communication between clients and DNS recursive resolvers. Our research goal is toevaluate the effectiveness of TLS- based solutions for DNS privacy by determining whether it is possible to fingerprint and identify webpages from encrypted DNS traffic.
In this proposal, we describe three existing works in the area of traffic analysis. The first paper investigates the effectiveness of popular countermeasures against traffic analysis attacks. The second paper examines the vulnerability of HTTPS to traffic analysis. The third paper studies the feasibility of performing behavior-based tracking using DNS traffic. Finally, we use insights from these papers to outline our
research plan.
Background papers
Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail, by Dyer, K., P. et al.
I Know Why You Went to the Clinic: Risks and Realization of HTTPS Traffic Analysis, by Miller, B., et al.
Behavior-based tracking: Exploiting characteristic patterns in DNS traffic, by Herrmann, D., et al.
Practical information
- General public
- Free
Contact
- EDIC - [email protected]