The Community for Technology Leaders
2006 IEEE Symposium on Security and Privacy (S&P'06) (2006)
Berkeley/Oakland, CA
May 21, 2006 to May 24, 2006
ISSN: 1081-6011
ISBN: 0-7695-2574-1
pp: 15 pp.-349
Pai Peng , Dept. of Comput. Sci., North Carolina State Univ., Raleigh, NC, USA
Peng Ning , Dept. of Comput. Sci., North Carolina State Univ., Raleigh, NC, USA
D.S. Reeves , Dept. of Comput. Sci., North Carolina State Univ., Raleigh, NC, USA
ABSTRACT
Timing-based active watermarking schemes are developed to trace back attackers through stepping stone connections or anonymizing networks. By slightly changing packet timing, these schemes achieve robust correlation for encrypted network connections under timing perturbation. However, the manipulation on packet timing makes the schemes themselves a potential target of intelligent attackers. In this paper, we analyze the secrecy of the timing-based active watermarking techniques for tracing through stepping stones, and propose an attack scheme based on analyzing the packet delays between adjacent stepping stones. We develop attack techniques to infer important watermark parameters, and to recover and duplicate embedded watermarks. The resulting techniques enable an attacker to defeat the tracing systems in certain cases by removing watermarks from the stepping stone connections, or replicating watermarks in non-stepping stone connections. We also develop techniques to determine in real-time whether a stepping stone connection is being watermarked for trace-back purposes. We have performed substantial experiments using real-world data to evaluate these techniques. The experimental results demonstrate that for the watermark scheme being attacked (1) embedded watermarks can be successfully recovered and duplicated when the watermark parameters are not chosen carefully, and (2) the existence of watermarks in a network flow can always be quickly detected
INDEX TERMS
Watermarking, Timing, Robustness, Cryptography, Forensics, Laboratories, Computer science, Delay, Performance evaluation, Internet
CITATION

Pai Peng, Peng Ning and D. Reeves, "On the secrecy of timing-based active watermarking trace-back techniques," 2006 IEEE Symposium on Security and Privacy (S&P'06)(SECPRI), Berkeley/Oakland, CA, 2009, pp. 15 pp.-349.
doi:10.1109/SP.2006.28
92 ms
(Ver 3.3 (11022016))