Anonymization of traffic patterns over communication networks

US 10,193,776 B2
Filed: 11/28/2017
Issued: 01/29/2019
Est. Priority Date: 10/07/2015
Status: Active Grant

First Claim

Patent Images

1. A computer program product for obfuscating communication traffic patterns occurring over a communication infrastructure including a computer server, the computer program product comprising:

one or more non-transitory computer-readable storage devices and program instructions stored on at least one of the one or more non-transitory storage devices, the program instructions executable by a processor, the program instructions comprising;

instructions to detect, at a first communications device, data communication sessions with a second communications device via the computer server using a network protocol;

instructions to access, at the first communications device, a first traffic pattern based on the data communication sessions, the first traffic pattern determining communication occurrences between the first and the second communication devices over a first predefined time period;

instructions to access, at the first communications device, a second traffic pattern based on the data communication sessions, the second traffic pattern determining communication occurrences between the first and the second communications devices over a second predefined time period that occurs after the first predefined time period; and

instructions to generate, at the first communications device, based on a randomization process, a dummy data communication pattern for transmission to the second communications device, wherein the dummy data communication pattern is appended to the second traffic pattern for obfuscating a traffic pattern change between the first and the second traffic pattern at the computer server used to establish the communication sessions, wherein the generating of the dummy data communication pattern comprises;

instructions to determine, at the first communications device, a first information content value associated with the first traffic pattern;

instructions to determine, at the first communications device, a second information content value associated with the second traffic pattern;

instructions to compare, at the first communications device, the first and the second information content values; and

instructions to generate a first binary value based on the comparing determining the second information content value to be outside a predefined threshold range of the first information content value.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented method of obfuscating communication traffic patterns may include detecting, at a first communications device, data communication sessions with a second communications device via the computer server using a network protocol. At the first device, a first traffic pattern is accessed based on the data communication sessions over a first predefined time period. At the first communications device, a second traffic pattern is accessed based on the data communication sessions over a second predefined time period that occurs after the first predefined time period. At the first communications device, based on a randomization process, a dummy data communication pattern is generated for transmission to the second communication devices, whereby the dummy data communication pattern is appended to the second traffic pattern for obfuscating a traffic pattern change between the first and the second traffic pattern at the computer server used to establish the communication sessions.

23 Citations

13 Claims

1. A computer program product for obfuscating communication traffic patterns occurring over a communication infrastructure including a computer server, the computer program product comprising:
- one or more non-transitory computer-readable storage devices and program instructions stored on at least one of the one or more non-transitory storage devices, the program instructions executable by a processor, the program instructions comprising;
  
  instructions to detect, at a first communications device, data communication sessions with a second communications device via the computer server using a network protocol;
  
  instructions to access, at the first communications device, a first traffic pattern based on the data communication sessions, the first traffic pattern determining communication occurrences between the first and the second communication devices over a first predefined time period;
  
  instructions to access, at the first communications device, a second traffic pattern based on the data communication sessions, the second traffic pattern determining communication occurrences between the first and the second communications devices over a second predefined time period that occurs after the first predefined time period; and
  
  instructions to generate, at the first communications device, based on a randomization process, a dummy data communication pattern for transmission to the second communications device, wherein the dummy data communication pattern is appended to the second traffic pattern for obfuscating a traffic pattern change between the first and the second traffic pattern at the computer server used to establish the communication sessions, wherein the generating of the dummy data communication pattern comprises;
  
  instructions to determine, at the first communications device, a first information content value associated with the first traffic pattern;
  
  instructions to determine, at the first communications device, a second information content value associated with the second traffic pattern;
  
  instructions to compare, at the first communications device, the first and the second information content values; and
  
  instructions to generate a first binary value based on the comparing determining the second information content value to be outside a predefined threshold range of the first information content value.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The computer program product of claim 1, wherein the dummy data communication pattern comprises one or more randomly generated binary values based on the randomization process, wherein the one or more randomly generated binary values include a binary ‘
    - 1’
      
      value or a binary ‘
      
      0’
      
      value, the binary ‘
      
      1’
      
      value establishing a dummy communication session between the first and the second communications devices, and the binary ‘
      
      0’
      
      value restricting a communication session between the first and the second communications devices.
  - 3. The computer program product of claim 1, wherein the instructions to detect the data communication sessions comprises instructions to detect multimedia communication sessions initiated by a telecommunication application.
  - 4. The computer program product of claim 1, wherein:
    - the first binary value includes a binary ‘
      
      1’
      
      value or a binary ‘
      
      0’
      
      value, the binary ‘
      
      1’
      
      value establishing a dummy communication session between the first and the second communication devices, and the binary ‘
      
      0’
      
      value restricting a communication session between the first and the second communication devices.
  - 5. The computer program product of claim 1, further comprising:
    - instructions to determine, at the first communications device, a third information content value associated with a third traffic pattern including the second traffic pattern and the first binary value; and
      
      instructions to compare, at the first communications device, the first and the third information content values; and
      
      instructions to generate a second binary value based on the comparing determining the third information content value to be outside the predefined threshold range of the first information content value.
  - 6. The computer program product of claim 5, wherein:
    - the second binary value includes a binary ‘
      
      1’
      
      value or a binary ‘
      
      0’
      
      value, the binary ‘
      
      1’
      
      value establishing a dummy communication session between the first and the second communication devices, and the binary ‘
      
      0’
      
      value restricting a communication session between the first and the second communication devices.
  - 7. The computer program product of claim 5, wherein:
    - the instructions to provide the first traffic pattern comprises instructions to provide a first binary string having a predetermined length of bits, and wherein each bit of the first binary string represents a communication status at a time interval within the first predefined time period, and wherein;
      
      the instructions to provide the second traffic pattern comprises instructions to provide a second binary string having the predetermined length of bits, and wherein each bit of the second binary string represents a communication status at a time interval within the second predefined time period.
  - 8. The computer program product of claim 7, wherein the communication status associated with the first traffic pattern comprises:
    - a binary value of ‘
      
      1’
      
      that is indicative of an occurred data communication session between the first and the second communications device via the computer server during the first predefined time period; and
      
      a binary value of ‘
      
      0’
      
      that is indicative of a non-occurred data communication session between the first and the second communications device via the computer server during the first predefined time period.
  - 9. The computer program product of claim 7, wherein the communication status associated with the second traffic pattern comprises:
    - a binary value of ‘
      
      1’
      
      that is indicative of an occurred data communication session between the first and the second communications device via the computer server during the second predefined time period; and
      
      a binary value of ‘
      
      0’
      
      that is indicative of a non-occurred data communication session between the first and the second communications device via the computer server during the second predefined time period.
  - 10. The computer program product of claim 7, wherein:
    - the instructions to determine the first information content value associated with the first traffic pattern comprises instructions to calculate a first entropy value for the first binary string, and wherein;
      
      the instructions to determine the second information content value associated with the second traffic pattern comprises instructions to calculate a second entropy value for the second binary string, and wherein;
      
      the instructions to determine the third information content value comprises instructions to calculate a third entropy value for a third binary string, the third binary string including the second binary string and the first binary value appended to the second binary string.
  - 11. The computer program product of claim 1, further comprising:
    - instructions to apply statistical analysis and learning to the first and the second accessed traffic patterns, wherein based on the statistical analysis, a determination corresponding to applying another obfuscation process to another traffic pattern is made.
  - 12. The computer program product of claim 1, wherein the instructions to access the first traffic pattern and the second traffic pattern at the first communication device comprises instructions to access the first traffic pattern and the second traffic pattern from a telecommunication application executing on the first communication device.
  - 13. The computer program product of claim 1, where in the computer server used to establish the communication sessions comprises one of:
    - a software as a service (SaaS) cloud service, a platform as a service (PaaS) cloud service, and an infrastructure as a service cloud service.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Acharya, Arup, Kundu, Ashish
Primary Examiner(s)
Najjar, Saleh
Assistant Examiner(s)
Mejia, Feliciano S

Application Number

US15/823,799
Publication Number

US 20180091396A1
Time in Patent Office

427 Days
Field of Search

709224, 709227, 709246, 726 26, 726 27
US Class Current
CPC Class Codes

H04L 43/00   Arrangements for monitoring...

H04L 43/08   Monitoring or testing based...

H04L 45/306   Route determination based o...

H04L 45/70   Routing based on monitoring...

H04L 63/0421   Anonymous communication, i....

H04L 63/10   for controlling access to d...

H04L 63/1408   by monitoring network traff...

H04L 63/1475   Passive attacks, e.g. eaves...

H04L 65/1069   Session establishment or de...

H04L 65/1104   Session initiation protocol...

H04L 67/10   in which an application is ...

H04L 67/14   Session management for real...

H04L 67/148   Migration or transfer of se...

Anonymization of traffic patterns over communication networks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

23 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Anonymization of traffic patterns over communication networks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

23 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links