Towards Language-Based Mitigation of Traffic Analysis Attacks
Jeppe Fredsgaard Blaabjerg, Aslan Askarov
TL;DR
This paper introduces SELENE, a language-based approach to mitigate traffic analysis attacks by enabling secure communication over observable channels, reducing overheads compared to existing methods, and advancing practical online security.
Contribution
We present SELENE, a novel language for secure communication that addresses traffic analysis vulnerabilities in observable channels, with provable security and reduced overheads.
Findings
SELENE significantly reduces latency and bandwidth overheads.
The language provides provable security guarantees.
It offers a practical solution for secure online communication.
Abstract
Traffic analysis attacks pose a major risk for online security. Distinctive patterns in communication act as fingerprints, enabling adversaries to de-anonymise communicating parties or to infer sensitive information. Despite the attacks being known for decades, practical solution are scarce. Network layer countermeasures have relied on black box padding schemes that require significant overheads in latency and bandwidth to mitigate the attacks, without fundamentally preventing them, and the problem has received little attention in the language-based information flow literature. Language-based methods provide a strong foundation for fundamentally addressing security issues, but previous work has overwhelmingly assumed that interactive programs communicate over secure channels, where messages are undetectable by unprivileged adversaries. This assumption is too strong for online…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.