MUFFLER: Secure Tor Traffic Obfuscation with Dynamic Connection Shuffling and Splitting
- URL: http://arxiv.org/abs/2504.07543v2
- Date: Sat, 12 Apr 2025 13:11:26 GMT
- Title: MUFFLER: Secure Tor Traffic Obfuscation with Dynamic Connection Shuffling and Splitting
- Authors: Minjae Seo, Myoungsung You, Jaehan Kim, Taejune Park, Seungwon Shin, Jinwoo Kim,
- Abstract summary: MUFFLER is a connection-level traffic obfuscation system designed to secure Tor egress traffic.<n>It maps real connections to a distinct set of virtual connections between the final Tor nodes and targeted services.<n>It achieves up to 27x lower latency overhead than existing solutions and seamlessly integrates with the current Tor architecture.
- Score: 11.967326811104831
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Tor, a widely utilized privacy network, enables anonymous communication but is vulnerable to flow correlation attacks that deanonymize users by correlating traffic patterns from Tor's ingress and egress segments. Various defenses have been developed to mitigate these attacks; however, they have two critical limitations: (i) significant network overhead during obfuscation and (ii) a lack of dynamic obfuscation for egress segments, exposing traffic patterns to adversaries. In response, we introduce MUFFLER, a novel connection-level traffic obfuscation system designed to secure Tor egress traffic. It dynamically maps real connections to a distinct set of virtual connections between the final Tor nodes and targeted services, either public or hidden. This approach creates egress traffic patterns fundamentally different from those at ingress segments without adding intentional padding bytes or timing delays. The mapping of real and virtual connections is adjusted in real-time based on ongoing network conditions, thwarting adversaries' efforts to detect egress traffic patterns. Extensive evaluations show that MUFFLER mitigates powerful correlation attacks with a TPR of 1% at an FPR of 10^-2 while imposing only a 2.17% bandwidth overhead. Moreover, it achieves up to 27x lower latency overhead than existing solutions and seamlessly integrates with the current Tor architecture.
Related papers
- RevealNet: Distributed Traffic Correlation for Attack Attribution on Programmable Networks [3.351939661661333]
RevealNet is a decentralized framework for attack attribution.
It orchestrates a fleet of P4-programmable switches to perform traffic correlation.
Our evaluation suggests that RevealNet achieves comparable accuracy to centralized attack attribution systems.
arXiv Detail & Related papers (2025-05-01T15:48:35Z) - Hiding in Plain Sight: An IoT Traffic Camouflage Framework for Enhanced Privacy [2.0257616108612373]
Existing single-technique obfuscation methods, such as packet padding, often fall short in dynamic environments like smart homes.<n>This paper introduces a multi-technique obfuscation framework designed to enhance privacy by disrupting traffic analysis.
arXiv Detail & Related papers (2025-01-26T04:33:44Z) - MIETT: Multi-Instance Encrypted Traffic Transformer for Encrypted Traffic Classification [59.96233305733875]
Classifying traffic is essential for detecting security threats and optimizing network management.<n>We propose a Multi-Instance Encrypted Traffic Transformer (MIETT) to capture both token-level and packet-level relationships.<n>MIETT achieves results across five datasets, demonstrating its effectiveness in classifying encrypted traffic and understanding complex network behaviors.
arXiv Detail & Related papers (2024-12-19T12:52:53Z) - A Novel Buffered Federated Learning Framework for Privacy-Driven Anomaly Detection in IIoT [11.127334284392676]
We propose a Buffered FL (BFL) framework empowered by homomorphic encryption for anomaly detection in heterogeneous IIoT environments.
BFL utilizes a novel weighted average time approach to mitigate both straggler effects and communication bottlenecks.
Results show the superiority of BFL compared to state-of-the-art FL methods, demonstrating improved accuracy and convergence speed.
arXiv Detail & Related papers (2024-08-16T13:01:59Z) - Towards Multi-agent Reinforcement Learning based Traffic Signal Control through Spatio-temporal Hypergraphs [19.107744041461316]
Traffic signal systems (TSCSs) are integral to intelligent traffic management fostering efficient vehicle flow.<n>We propose a novel TSCS framework to realize intelligent traffic edge network.<n>We have crafted a multi-agent soft actor-critic (MA-SAC) reinforcement learning algorithm.
arXiv Detail & Related papers (2024-04-17T02:46:18Z) - A Novel Supervised Deep Learning Solution to Detect Distributed Denial
of Service (DDoS) attacks on Edge Systems using Convolutional Neural Networks
(CNN) [0.41436032949434404]
This project presents a novel deep learning-based approach for detecting DDoS attacks in network traffic.
The algorithm employed in this study exploits the properties of Convolutional Neural Networks (CNN) and common deep learning algorithms.
The results of this study demonstrate the effectiveness of the proposed algorithm in detecting DDOS attacks, achieving an accuracy of.9883 on 2000 unseen flows in network traffic.
arXiv Detail & Related papers (2023-09-11T17:37:35Z) - Correlating sparse sensing for large-scale traffic speed estimation: A
Laplacian-enhanced low-rank tensor kriging approach [76.45949280328838]
We propose a Laplacian enhanced low-rank tensor (LETC) framework featuring both lowrankness and multi-temporal correlations for large-scale traffic speed kriging.
We then design an efficient solution algorithm via several effective numeric techniques to scale up the proposed model to network-wide kriging.
arXiv Detail & Related papers (2022-10-21T07:25:57Z) - Over-the-Air Federated Learning with Privacy Protection via Correlated
Additive Perturbations [57.20885629270732]
We consider privacy aspects of wireless federated learning with Over-the-Air (OtA) transmission of gradient updates from multiple users/agents to an edge server.
Traditional perturbation-based methods provide privacy protection while sacrificing the training accuracy.
In this work, we aim at minimizing privacy leakage to the adversary and the degradation of model accuracy at the edge server.
arXiv Detail & Related papers (2022-10-05T13:13:35Z) - Discriminator-Free Generative Adversarial Attack [87.71852388383242]
Agenerative-based adversarial attacks can get rid of this limitation.
ASymmetric Saliency-based Auto-Encoder (SSAE) generates the perturbations.
The adversarial examples generated by SSAE not only make thewidely-used models collapse, but also achieves good visual quality.
arXiv Detail & Related papers (2021-07-20T01:55:21Z) - Adversarial Attacks on Deep Learning Based Power Allocation in a Massive
MIMO Network [62.77129284830945]
We show that adversarial attacks can break DL-based power allocation in the downlink of a massive multiple-input-multiple-output (maMIMO) network.
We benchmark the performance of these attacks and show that with a small perturbation in the input of the neural network (NN), the white-box attacks can result in infeasible solutions up to 86%.
arXiv Detail & Related papers (2021-01-28T16:18:19Z) - Robust Tracking against Adversarial Attacks [69.59717023941126]
We first attempt to generate adversarial examples on top of video sequences to improve the tracking robustness against adversarial attacks.
We apply the proposed adversarial attack and defense approaches to state-of-the-art deep tracking algorithms.
arXiv Detail & Related papers (2020-07-20T08:05:55Z) - Multi-Agent Routing Value Iteration Network [88.38796921838203]
We propose a graph neural network based model that is able to perform multi-agent routing based on learned value in a sparsely connected graph.
We show that our model trained with only two agents on graphs with a maximum of 25 nodes can easily generalize to situations with more agents and/or nodes.
arXiv Detail & Related papers (2020-07-09T22:16:45Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.