Related Concepts
Definition
Traffic analysis is the process of inferring information from the features of communication traffic other than its contents, such as message timing and size.
Background
The notion of traffic analysis originates from military signals intelligence where, as early as World War I, the dynamics of military communications were used to learn information about troop movements, the location of command headquarters, and the enemy chain of command. This information was inferred solely from the traffic patterns without access to the contents of the communication, which were often obfuscated or encrypted. In the context of computer security, traffic analysis typically refers to the examination of data sent over computer networks. As with military signals intelligence, traffic analysis of computer networks examines the impact of hidden information on the observable features of the network...
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Recommended Reading
Bauer K, McCoy D, Grunwald D, Kohno T, Sicker D (October 2007) Low-resource routing attacks against Tor. In: Proceedings of the 2007 ACM workshop on privacy in electronic society, pp 11–20
Bellovin S (November 2002) A technique for counting NATed hosts. In: Proceedings of the 2nd annual ACM SIGCOMM workshop on Internet measurement, pp 267–272
Coull S, Collins M, Wright C, Monrose F, Reiter MK (August 2007) On web browsing privacy in anonymized NetFlows. In: Proceedings of the 16th annual USENIX security symposium, pp 339–352
Cover T, Thomas J, Burns M (2006) Elements of information theory, vol. 1(revised edition). Wiley Series in Telecommunications and Signal Processing, John Wiley & Sons, Inc
Donoho D, Flesia A, Shankar U, Paxson V, Coit J, Staniford S (October 2002) Multiscale stepping-stone detection: detecting pairs of jittered interactive streams by exploiting maximum tolerable delay. In: Proceedings of the 5th annual international symposium on recent advances in intrusion detection, pp 17–35
Karagiannis T, Papagiannaki K, Faloutsos M (August 2005) BLINC: multilevel traffic classification in the dark. In: Proceedings of the annual ACM SIGCOMM conference, pp 229–240
Kohno T, Broido A, Claffy K (May 2005) Remote physical device fingerprinting. In: Proceedings of the 26th annual IEEE symposium on security and privacy, pp 93–108
Liberatore M, Levine B (October 2006) Inferring the source of encrypted HTTP connections. In: Proceedings of the 13th ACM conference on computer and communications security, pp 255–263
McDaniel P, Sen S, Spatscheck O, Van der Merwe J, Aiello W, Kalmanek C (February 2006) Enterprise security: A community of interest based approach. In: Proceedings of the 13th annual network and distributed systems security symposium, pp 100–115
Murdoch SJ, Danezis G (May 2005) Low-cost traffic analysis of Tor. In: Proceedings of the 26th annual IEEE symposium on security and privacy, pp 183–195
Shannon CE (July/October 1948) A mathematical theory of communication. Bell Syst Tech J 27:379–423, 623–656
Shmatikov V, Wang MH (September 2006) Timing analysis in low-latency mix networks: attacks and defenses. In: Proceedings of the 11th annual European symposium on research in computer security, pp 18–33
Song D, Wagner D, Tian X (August 2001) Timing analysis of keystrokes and SSH timing attacks. In: Proceedings of the 10th annual USENIX security symposium, pp 25–42
Sun Q, Simon DR, Wang Y, Russell W, Padmanabhan VN, Qiu L (May 2002) Statistical identification of encrypted web browsing traffic. In: Proceedings of the 23rd annual IEEE symposium on security and privacy, pp 19–31
Wang X, Reeves D, Wu SF (October 2002) Inter-packet delay based correlation for tracing encrypted connections through stepping stones. In: Proceedings of the 7th annual European symposium on research in computer security, pp 244–263
Wright C, Ballard L, Coull S, Monrose F, Masson G (May 2008) Spot me if you can: uncovering spoken phrases in encrypted voip conversations. In: Proceedings of the 29th annual IEEE symposium on security and privacy, pp 35–49
Wright C, Ballard L, Monrose F, Masson G (August 2008) Language Identification of Encrypted VoIP Traffic: Alejandra y Roberto or Alice and Bob? In: Proceedings of the 16th Annual USENIX Security Symposium, pp 43–54
Wright C, Coull S, Monrose F (February 2009) Traffic morphing: an efficient defense against statistical traffic analysis. In: Proceedings of the 16th annual network and distributed systems security symposium, pp 237–250
Xu K, Zhang Z, Bhattacharyya S (August 2005) Profiling Internet backbone traffic: behavior models and applications. In: Proceedings of the annual ACM SIGCOMM conference, pp 169–180
Zhang Y, Paxson V (August 2000) Detecting stepping stones. In: Proceedings of the 9th annual USENIX security symposium, pp 171–184
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer Science+Business Media, LLC
About this entry
Cite this entry
Coull, S.E. (2011). Traffic Analysis. In: van Tilborg, H.C.A., Jajodia, S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5906-5_120
Download citation
DOI: https://doi.org/10.1007/978-1-4419-5906-5_120
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4419-5905-8
Online ISBN: 978-1-4419-5906-5
eBook Packages: Computer ScienceReference Module Computer Science and Engineering