Share on Facebook Tweet on Twitter Share on LinkedIn Share by email
Statistical Identification of Encrypted Web Browsing Traffic

Qixiang Sun, Daniel R. Simon, Yi-Min Wang, Wilf Russell, Venkata N. Padmanabhan, and Lili Qiu

Abstract

Encryption is often proposed as a tool for protecting the privacy of World Wide Web browsing. However, encryption - particularly as typically implemented in, or in concert with popular Web browsers - does not hide all information about the encrypted plaintext. Specifically, HTTP object count and sizes are often revealed (or at least incompletely concealed). We investigate the identifiability of World Wide Web traffic based on this unconcealed information in a large sample of Web pages, and show that it suffices to identify a significant fraction of them quite reliably. We also suggest some possible countermeasures against the exposure of this kind of information and experimentally evaluate their effectiveness.

Details

Publication typeTechReport
URLhttp://www.ieee.org/
NumberMSR-TR-2002-23
Pages13
InstitutionMicrosoft Research
PublisherInstitute of Electrical and Electronics Engineers, Inc.
> Publications > Statistical Identification of Encrypted Web Browsing Traffic