
Departmental Papers (CIS)
Date of this Version
January 2006
Document Type
Conference Paper
Recommended Citation
Eric Cronin, Micah Sherr, and Matthew A. Blaze, "On the Reliability of Current Generation Network Eavesdropping Tools", January 2006.
Abstract
This paper analyzes the problem of interception of Internet traffic from the eavesdropper's point of view. We examine the reliability and accuracy of transcripts, and show that obtaining "high fidelity" transcripts is harder than previously assumed. Even in highly favorable situations, such as capturing unencrypted traffic using standard protocols, simple -- and entirely unilateral -- countermeasures are shown to be sufficient to prevent accurate traffic analysis in many Internet interception configurations. In particular, these countermeasures were successful against every available eavesdropping system we tested. Central to our approach is a new class of techniques that we call confusion, which, unlike cryptography or steganography, does not require cooperation by the communicating parties and, in some cases, can be employed entirely by a third party not involved in the communication at all.
Keywords
eavesdropping, electronic interception, eavesdropping countermeasures
Date Posted: 06 March 2007
This document has been peer reviewed.
Comments
Postprint version. Published in International Federation for Information Processing, Volume 222, Advances in Digital Forensics II, edited by Martin S. Olivier, Sujeet Shenoi (Boston: Springer, 2006), pages 199-214.