Traffic Analysis
 

    Over the past several years, I’ve been interested in traffic analysis of encrypted channels. We’ve also been doing some work on network trace anonymization as well.You can find some selected publications below.


  Encrypted traffic


            ◦   Andrew White, Srinivas Krishnan, Michael Bailey, Fabian Monrose and Phil Porras. Clear and Present Data: Opaque Traffic and its Security Implications for the Future. In Proceedings of Network and Distributed Systems Security Symposium, Feb., 2013.           


                Andrew White, Austin Matthews, Kevin Snow, and Fabian Monrose.

                 Phonotactic Reconstruction of Encrypted VoIP conversations: Hookt on fon-iks. Proceedings of IEEE Symposium on Security and Privacy, May, 2011. (IEEE S&P Best Paper Award, NYU-Poly AT&T Best Applied Security Paper Award, and Privacy Enhancing Technology (PET) Award). (PDF)


◦Wilson Lian, Fabian Monrose, and John McHugh. Traffic Classification using Visual Motifs: An Empirical Evaluation. In Proceedings of the ACM Symposium on Visualization for Computer Security, Sept, 2010. (PDF)


◦Charles Wright, Lucas Ballard, Scott Coulls, Fabian Monrose, and Gerald Masson. Spot me if you can: recovering spoken phrases in encrypted VoIP conversations. In Proceedings of IEEE Symposium on Security and Privacy, May, 2008. (PDF)


                  The full version of this paper, Uncovering Spoken Phrases in Encrypted Conversations appears in ACM Transactions of Information and Systems Security, 13(4), pages 1-30, Dec., 2010. (PDF)


◦Charles Wright, Lucas Ballard, Fabian Monrose, and Gerald Masson. Language Identification of Encrypted VoIP Traffic: Alejandra y Roberto or Alice and Bob? In Proceedings of the 16th USENIX Security Symposium, Boston, August, 2007.(PDF).


◦Charles Wright, Fabian Monrose, and Gerald Masson. On Inferring Application Protocol Behaviors in Encrypted Network Traffic. In Journal of Machine Learning Research (JMLR): Special issue on Machine Learning for Computer Security, volume 7, 2745-2769, 2006. (PDF)


◦Charles Wright, Fabian Monrose, and Gerald Masson. Using Visual Motifs to Classify Encrypted Traffic. In Proceedings of the ACM Workshop on Visualization for Computer Security (VizSEC), 2006.(PDF)


◦Charles Wright, Fabian Monrose, and Gerald Masson. HMM Profiles for Network Traffic Classification (Extended Abstract). In Proceedings of the ACM Workshop on Visualization and Data Mining for Computer Security (VizSEC/DMSEC), pages 9-15, 2004.


   Anonymized Traffic


◦Xin Huang,  Fabian Monrose, Michael Reiter. Amplifying Limited Expert Input to Sanitize Large Network Traces. In Proceedings of IEEE/IFIP International Conference on Dependable Systems and Networks (DSN); Performance and Dependability Symposium (PDS), June, 2011. (PDF).


◦Ting-Fang Yen and Xin Huang,  Fabian Monrose,Michael Reiter. Browser Fingerprinting from Coarse Traffic Summaries: Techniques and Implications. In Proceedings of the 6th Conference on Detection of Intrusions and Malware and Vulnerability Analysis, pages 157-175, 2009 (PDF).


◦Scott Coulls, Fabian Monrose,Michael Reiter, and Michael Bailey: The Challenges of Effectively Anonymizing Network Data. In Proceedings of the DHS Cybersecurity Applications and Technology Conference for Homeland Security, pages 230-236, 2009. (PDF)


◦Scott Coulls, Charles Wright, Angelos Keromytis, Fabian Monrose, and Michael Reiter. Taming the Devil: Techniques of Evaluating Anonymized Network Data. In Proceedings of the 15th Annual Network and Distributed Systems Security Symposium, Feb, 2008. (PDF)


◦Scott Coulls, Charles Wright, Fabian Monrose, Michael Collins and Michael Reiter. On Web Browsing Privacy in Anonymized NetFlows. In Proceedings of the 16th USENIX Security Symposium, Boston, August, 2007. (PDF)


◦Scott Coulls, Charles Wright, Fabian Monrose, Michael Collins and Michael Reiter. Playing Devil's Advocate: Inferring Sensitive Information from Anonymized Traces. In Proceedings of the 14th Annual Network and Distributed Systems Symposium (NDSS), pages 35-47, Feb, 2007. (PDF)


  Traffic morphing


◦Charles Wright, Scott Coulls , Fabian Monrose. Traffic Morphing: An efficient defense against statistical traffic analysis. In Proceedings of the 14th Annual Network and Distributed Systems Symposium (NDSS), Feb, 2009. (PDF)