Invisible Traceback in the Internet - PowerPoint PPT Presentation

1 / 11
About This Presentation
Title:

Invisible Traceback in the Internet

Description:

Invisible Traceback in the Internet Reference Wei Yu, Xinwen Fu, Steve Graham, Dong Xuan and Wei Zhao, DSSS-Based Flow Marking Technique for Invisible Traceback, in ... – PowerPoint PPT presentation

Number of Views:84
Avg rating:3.0/5.0
Slides: 12
Provided by: DonT310
Category:

less

Transcript and Presenter's Notes

Title: Invisible Traceback in the Internet


1
Invisible Traceback in the Internet
  • Reference
  • Wei Yu, Xinwen Fu,  Steve Graham, Dong Xuan
    and Wei Zhao, DSSS-Based Flow Marking Technique
    for Invisible Traceback, in Proc. of IEEE
    Symposium on Security and Privacy (Oakland), May 
    2007, pp18-32

2
Traceback
3
Traceback in the Internet
  • Internet has brought convenience to our everyday
    lives
  • However, it has also become a breeding ground for
    a variety of crimes
  • Network forensics has become part of legal
    surveillance
  • We study flow marking for a fundamental
    network-based forensic technique, traceback

4
Problem Definition
Network
Sender
Receiver
  • Suspect Sender is sending traffic through
    encrypted and anonymous channel, how can
    Investigators trace who is the receiver?

5
Traffic Confirmation by Flow Marking
  • Investigators want to know if Sender and Receiver
    are communicating

Sender
Receiver
Anonymous Channel
6
Issues in Flow Marking
  • Traceback accuracy
  • Periodic pattern ok?
  • Traceback secrecy
  • Traceback without conscience of suspects

DSSS-based technique for accuracy and secrecy in
traceback!
7
Basic Direct Sequence Spread Spectrum (DSSS)
  • A pseudo-noise code is used for spreading a
    signal and despreading the spread signal

Interferer
Sniffer
rb
dr
Despreading
Spreading
Original Signal
dt
Recovered Signal
tb
noisy channel
ct
cr
PN Code
PN Code
8
Example Spreading and Despreading
  • Signal dt 1 -1
  • DSSS code ct 1 1 1 -1 1 -1 -1
  • Spread signal tbdt.ct1 1 1 -1 1 -1 -1 -1 -1 -1
    1 -1 1 1
  • One symbol is represented by 7 chips
  • PN code is random and not visible in time and
    frequency domains
  • Despreading is the reverse process of spreading

1
dt
t
-1
tb
t
1
t
ct
-1
9
Mark Generation by Interferer
Original Signal dt
  • Choose a random signal
  • Obtain the spread signal
  • Modulate a target traffic flow by appropriate
    interference
  • Chip 1 without interference
  • Chip -1 with interference
  • Low interference favors traceback secrecy

ct
PN Code
tb
Flow Modulator
tx
Internet
rx spread signal noise
10
Mark Recognition by Sniffer
  • Sample received traffic to derive traffic rate
    time series
  • Use high-pass filter to remove direct component
    by Fast Fourier Transform (FFT)
  • Despreading by local DSSS code
  • Use low-pass filter to remove high-frequency
    noise
  • Make decision
  • Recovered signal Original signal?

rx spread signal noise
High-pass Filter
rx
cr
PN Code
rb
Low-pass Filter
Decision Rule
11
Thank you ! Questions?
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Invisible Traceback in the Internet" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!