Skip to main content
Other
On the Secrecy of Spread-Spectrum Flow Watermarks
Computer Security – ESORICS 2010
  • Xiapu Luo
  • Junjie Zhang, Wright State University - Main Campus
  • Wenke Lee
Document Type
Conference Proceeding
Publication Date
9-1-2010
Disciplines
Abstract

Spread-spectrum flow watermarks offer an invisible and ready-to-use flow watermarking scheme that can be employed to stealthily correlate the two ends of a network communication. Such technique has wide applications in network security and privacy. Although several methods have been proposed to detect various flow watermarks, few can effectively detect spread-spectrum flow watermarks. Moreover, there is currently no solution that allows end users to eliminate spread-spectrum flow watermarks from their flows without the support of a separate network element. In this paper, we propose a novel approach to detect spread-spectrum flow watermarks by leveraging their intrinsic features. Contrary to the common belief that Pseudo-Noise (PN) codes can render flow watermarks invisible, we prove that PN codes actually facilitate their detection. Furthermore, we propose a novel method based on TCP’s flow-control mechanism that provides end users with the ability to autonomously remove spread-spectrum flow watermarks. We conducted extensive experiments on traffic flowing both through one-hop proxies in the PlanetLab network, and through Tor. The experimental results show that the proposed detection system can achieve up to 100% detection rate with zero false positives, and confirm that our elimination system can effectively remove spread-spectrum flow watermarks.

Comments

Presented at the 15th European Conference on Research in Computer Security, Athens, Greece.

DOI
10.1007/978-3-642-15497-3_15
Citation Information
Xiapu Luo, Junjie Zhang and Wenke Lee. "On the Secrecy of Spread-Spectrum Flow Watermarks" Computer Security – ESORICS 2010 Vol. 6345 (2010) p. 232 - 248 ISSN: 3-642-15496-4 978-3-642-15496-6
Available at: http://works.bepress.com/junjie_zhang/8/