Annual Computer Security Applications Conference (ACSAC) 2021

Full Program »

FINN: Fingerprinting Network Flows using Neural Networks

Traffic analysis is essential to network security by enabling the correlation of encrypted network flows; in particular, traffic analysis has been used to detect stepping stone attackers and de-anonymize anonymous connections. A modern type of traffic analysis is flow fingerprinting, which works by slightly perturbing network flows to embed secret information into the flows that later can be used for traffic analysis. It is shown that flow fingerprinting enables the use of traffic analysis in a wide range of applications. In this paper, we introduce an effective flow fingerprinting technique by leveraging neural networks. Specifically, our system uses a fully connected network to generate slight perturbations that are then added to the live flows to fingerprint them. We show that our fingerprinting system offers reliable performance in the different network settings, outperforming state of the art. We enforce an invisibility constraint in generating our flow fingerprints. Also, we use Generative adversarial networks (GAN) to generate fingerprinting delays with Laplacian distribution to make it similar to network jitter. Therefore we show that our fingerprinted flows are highly indistinguishable from benign network flows.

Fatemeh Rezaei
UMass Amherst

Amir Houmansadr
UMass Amherst

Paper (ACM DL)

Slides

Video

 



Powered by OpenConf®
Copyright©2002-2021 Zakon Group LLC