On the Secrecy of Spread-Spectrum Flow WatermarksComputer Security – ESORICS 2010
Document TypeConference Proceeding
Find this in a LibraryCatalog Record
AbstractSpread-spectrum flow watermarks offer an invisible and ready-to-use flow watermarking scheme that can be employed to stealthily correlate the two ends of a network communication. Such technique has wide applications in network security and privacy. Although several methods have been proposed to detect various flow watermarks, few can effectively detect spread-spectrum flow watermarks. Moreover, there is currently no solution that allows end users to eliminate spread-spectrum flow watermarks from their flows without the support of a separate network element. In this paper, we propose a novel approach to detect spread-spectrum flow watermarks by leveraging their intrinsic features. Contrary to the common belief that Pseudo-Noise (PN) codes can render flow watermarks invisible, we prove that PN codes actually facilitate their detection. Furthermore, we propose a novel method based on TCP’s flow-control mechanism that provides end users with the ability to autonomously remove spread-spectrum flow watermarks. We conducted extensive experiments on traffic flowing both through one-hop proxies in the PlanetLab network, and through Tor. The experimental results show that the proposed detection system can achieve up to 100% detection rate with zero false positives, and confirm that our elimination system can effectively remove spread-spectrum flow watermarks.
Citation InformationXiapu Luo, Junjie Zhang and Wenke Lee. "On the Secrecy of Spread-Spectrum Flow Watermarks" Computer Security – ESORICS 2010 Vol. 6345 (2010) p. 232 - 248 ISSN: 3-642-15496-4 978-3-642-15496-6
Available at: http://works.bepress.com/junjie_zhang/8/