A Unified Approach to Defend the Timing Analysis Attacks on Web Traffic
S. Pandiaraj1, Suraj Kaushik2, Yuvraj Singh Chouhan3, Nagendra Sharma4, Shreyansh Singh5
1S. Pandiaraj, Department of Computer Science & Engineering, SRM Institute of Science & Technology, Assistant Professor, Ramapuram, Chennai (Tamil Nadu), India.
2Suraj Kaushik, Department of Computer Science & Engineering, SRM Institute of Science & Technology, Student, Ramapuram, Chennai (Tamil Nadu), India.
3Yuvraj Singh Chouhan, Department of Computer Science & Engineering, SRM Institute of Science & Technology, Student, Ramapuram, Chennai (Tamil Nadu), India.
4Nagendra Sharma, Department of Computer Science & Engineering, SRM Institute of Science & Technology, Student, Ramapuram, Chennai (Tamil Nadu), India.
5Shreyansh Singh, Department of Computer Science & Engineering, SRM Institute of Science & Technology, Student, Ramapuram, Chennai (Tamil Nadu), India.
Manuscript received on 18 April 2019 | Revised Manuscript received on 25 April 2019 | Manuscript published on 30 April 2019 | PP: 289-294 | Volume-8 Issue-4, April 2019 | Retrieval Number: D6060048419/19©BEIESP
Open Access | Ethics and Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Security of information transmitted over open systems has pulled in much consideration over ongoing years. Studies demonstrate that attacks dependent on traffic investigation empower attackers to separate helpful data about interchanges between people, regardless of whether the data is transmitted through an encrypted channel. Encryption is one of the most essential requirements in the security mechanism. It provides a safe way to transfer funds, do online purchase, etc. using online banking methods. It is a way that provides the public and organizations to communicate safely and avoid eavesdropping. It should astonish nobody, that encrypted communications are the main prey of DDoS and timing attacks. Such administrations empower access to an abundance of the individual, secret, and monetary information. Personality hoodlums and digital crooks can have a field day in the event that they prevail with regards to breaking web communications encryption. This paper introduces web traffic timing attacks on encrypted web traffic. In this method, the attackers use only the time value mentioned on the TCP packet and use it to perform the attack. Therefore, this type of attack cannot be merely solved by just padding. The reason this attack is difficult to defend is that the attacker does not require information about the sending and receiving ends due to which its effective against traffic streams. In the proposed system, a new lower overhead tunnel is suggested whose traffic cannot be analyzed. The fundamental thought utilized is to guarantee that, given a watched bundle follow, a wide range of groupings of web gets could sensibly create this follow. Clients are hence given solid deniability that a particular website page was gotten. This concept of imperceptibility is not new, however, the approach and methodology used to acknowledge it is new and much better.
Keywords: Encryption, Padding, Timing-Attack, Tunnel.
Scope of the Article: Encryption Methods and Tools