Novel Network Delay Based Side Channel Attack

Abstract

Leakage of information through side channels has become number one security threat to the web traffic that are mainly. Presently Side channel attack mainly focusses on packet length, timing of packet and internet object length. Though , we discovered that web traffic that are encrypted can also leak data through delay of the network between a client and the websites he or she visits. Inspired through this observation, we performed a side channel attack to calculate the probability that the client visited the particular website. The attacker can make use of the techniques using pattern identification to identify websites by calculating mean and variance of the RTT of each packet between a user and websites. The idea of the project Novel Network Delay Based Side channel Attack is to develop a web based application to predict which website the user is accessing through squid proxy server .This document is meant to outline the features and requirements of project Novel Network Delay Based Side channel Attack, to give the right direction to the developers and a software validation document for the client. A web based application has been developed for the Military, government organization, federal agencies, and multinational companies followed by following modules normally developed in a virtual environment, the attacker will run an exploit on the victim’s router , after the attack the attacker will be able to monitor the web traffic of the client going to the web server via squid in a can proxy. Different statistical analysis will be perform on the traffic and the attacker will be able to calculate the probability that which website the user is accessing based on the round trip time of each packet.