Counting packets sent between arbitrary internet hosts

Jeffrey Knockel, Jedidiah R. Crandall

Research output: Contribution to conferencePaperpeer-review

8 Scopus citations

Abstract

In this paper we demonstrate a side-channel technique to infer whether two machines are exchanging packets on the Internet provided that one of them is a Linux machine. For ICMP and UDP exchanges, we require that at least one machine is a Linux machine, and for TCP connections, we require that at least the server is a Linux machine. Unlike many side-channel measurement techniques, our method does not require that either machine be idle. That is, we make no assumptions about either machines’ traffic patterns with respect to other hosts on the Internet. We have implemented our technique, and we present the results of a proof-of-concept experiment showing that it can effectively measure whether hosts are communicating.

Original languageEnglish (US)
StatePublished - 2014
Externally publishedYes
Event4th USENIX Workshop on Free and Open Communications on the Internet, FOCI 2014, co-located with USENIX Security 2014 - San Diego, United States
Duration: Aug 18 2014 → …

Conference

Conference4th USENIX Workshop on Free and Open Communications on the Internet, FOCI 2014, co-located with USENIX Security 2014
CountryUnited States
CitySan Diego
Period8/18/14 → …

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software

Fingerprint Dive into the research topics of 'Counting packets sent between arbitrary internet hosts'. Together they form a unique fingerprint.

Cite this