EQPO: obscuring encrypted web traffic with equal-sized pseudo-objects. Internet users are concerned with their private web browsing behaviors. Browsing a webpage introduces a typical request-response-based network traffic which is associated with the structure of corresponding HTML document. This may make the traffic of a specified webpage demonstrate different features from others even when the traffic is encrypted. Traffic analysis techniques can be used to extract those features to identify that webpage, and hence the webpages the user visited could be disclosed though they might be encrypted. In this paper, we propose EQPO, a method to defend against traffic analysis by obscuring web traffic with EQual-sized pseudo-objects. A pseudo-object is composed by some original objects, object fragments, or padding octets. We define a structure of EQPO-enabled HTML document to force object requests and responses be on pseudo-objects. For a webpage set, by equalizing the sizes of pseudo-objects and the numbers of pseudo-objects requests in each webpage, we can make the traffic for those webpages with no identifiable features. We have implemented a proof of concept prototype and validate the proposed countermeasure with some state of the art traffic analysis techniques.

References in zbMATH (referenced in 1 article )

Showing result 1 of 1.
Sorted by year (citations)

  1. Tang, Yi; Lin, Manjia: EQPO: obscuring encrypted web traffic with equal-sized pseudo-objects (2016)