System and method for evaluating and enhancing source anonymity for encrypted web traffic
First Claim
1. A method for obfuscating Web traffic volume in a networking environment that is sent by a Web server in response to a request by an Internet client to access a Web page, the method comprising:
- receiving, by the Web server, a request from the Internet client to access the Web page;
- padding by the Web server each of a plurality of objects of the Web page, wherein the padding comprises altering an original size of the object by adding redundant data;
- randomly selecting an object, by the Web server, via the Web server, to add to the Web page;
- adding the randomly selected object to the Web page by the Web server;
- encrypting the Web page, by the Web server, by encrypting both the padded object and randomly selected added object;
- obfuscating the traffic pattern of the transmitted Web page via the padding and further via the adding the at least one randomly selected object;
- transmitting by the Web server the encrypted Web page to the Internet client;
- monitoring by the Web server, a traffic pattern of Web pages transmitted to the Internet client;
- decrypting by the Internet client the transmitted Web page;
- discarding by the Internet client the randomly selected added object;
- removing by the Internet client at least portions of the padding from each decrypted object that contains padding; and
- displaying by the Internet client the decrypted web page with the randomly objects and the padding removed.
Abstract
A system and method is provided for evaluating the effectiveness of data encryption for hiding the identity of the source of Web traffic. A signature is constructed from encrypted Web traffic for a Web page sent by a target Web site, and the signature is compared with archived traffic signatures obtained by accessing various Web pages of interest in advance. If the signature of the detected encrypted Web traffic matches a stored traffic signature beyond a pre-set statistical threshold, a positive match is found, and the source of the traffic is identified. Countermeasures for reducing the reliability of source identification based on traffic signature matching are provided.
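The following is an added sketch, not code from the patent, that applies the padding and decoy-object steps of claim 1 and measures their effect on the signature matching the abstract describes. The framing header, the 4096-byte block, the multiset-Jaccard metric, the 0.7 threshold and the object sizes are all assumptions; encryption is omitted because the observer modeled here sees only object sizes.

```python
import secrets
import struct
from collections import Counter

BLOCK = 4096      # assumed padding granularity; the claim fixes no size
THRESHOLD = 0.7   # assumed stand-in for the "pre-set statistical threshold"
HDR = "!BI"       # assumed framing: decoy flag (1 byte) + original length (4 bytes)

def pad(obj: bytes, decoy: bool = False) -> bytes:
    """Server: frame the object, then add redundant bytes up to a BLOCK multiple."""
    framed = struct.pack(HDR, int(decoy), len(obj)) + obj
    return framed + secrets.token_bytes(-len(framed) % BLOCK)

def serve(objects, decoy_pool):
    """Server: pad every page object and append one randomly selected decoy."""
    wire = [pad(o) for o in objects]
    wire.append(pad(secrets.choice(decoy_pool), decoy=True))
    return wire

def restore(wire):
    """Client: discard decoys and strip padding using the framing header."""
    page = []
    for blob in wire:
        decoy, n = struct.unpack(HDR, blob[:5])
        if not decoy:
            page.append(blob[5:5 + n])
    return page

def similarity(sig_a, sig_b):
    """Multiset Jaccard over observed object sizes (assumed signature metric)."""
    a, b = Counter(sig_a), Counter(sig_b)
    union = sum((a | b).values())
    return sum((a & b).values()) / union if union else 1.0

def demo():
    # Constructed sample page and decoy pool (random bytes of chosen sizes).
    page = [secrets.token_bytes(n) for n in (1830, 5212, 9977, 14003)]
    decoys = [secrets.token_bytes(n) for n in (700, 6100, 11000)]
    archived = [len(o) for o in page]      # signature recorded in advance
    unprotected = [len(o) for o in page]   # what an observer sees without padding
    wire = serve(page, decoys)
    protected = [len(b) for b in wire]     # what an observer sees with padding + decoy
    return (similarity(archived, unprotected),
            similarity(archived, protected),
            restore(wire) == page)

if __name__ == "__main__":
    print(demo())
```

Because the decoy is chosen at random on each call to `serve()`, a signature archived from padded traffic also differs between visits.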
44 Citations
3 Claims