{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,19]],"date-time":"2026-03-19T14:51:20Z","timestamp":1773931880280,"version":"3.50.1"},"reference-count":51,"publisher":"Association for Computing Machinery (ACM)","issue":"3","license":[{"start":{"date-parts":[[2021,8,19]],"date-time":"2021-08-19T00:00:00Z","timestamp":1629331200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"AUB University Research Board"},{"name":"TELUS Corp., Canada"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Priv. Secur."],"published-print":{"date-parts":[[2021,8,31]]},"abstract":"<jats:p>Research has proved that supposedly secure encrypted network traffic is actually threatened by privacy and security violations from many aspects. This is mainly due to flow features leaking evidence about user activity and data content. Currently, adversaries can use statistical traffic analysis to create classifiers for network applications and infer users\u2019 sensitive data. In this article, we propose a system that optimally prevents traffic feature leaks. In our first algorithm, we model the packet length probability distribution of the source app to be protected and that of the target app that the source app will resemble. We define a model that mutates the packet lengths of a source app to those lengths from the target app having similar bin probability. This would confuse a classifier by identifying a mutated source app as the target app. In our second obfuscation algorithm, we present an optimized scheme resulting in a trade-off between privacy and complexity overhead. For this reason, we propose a mathematical model for network obfuscation. We formulate analytically the problem of selecting the target app and the length from the target app to mutate to. Then, we propose an algorithm to solve it dynamically. Extensive evaluation of the proposed models, on real app traffic traces, shows significant obfuscation efficiency with relatively acceptable overhead. We were able to reduce a classification accuracy from 91.1% to 0.22% using the first algorithm, with 11.86% padding overhead. The same classification accuracy was reduced to 1.76% with only 0.73% overhead using the second algorithm.<\/jats:p>","DOI":"10.1145\/3442697","type":"journal-article","created":{"date-parts":[[2021,8,19]],"date-time":"2021-08-19T20:00:54Z","timestamp":1629403254000},"page":"1-23","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":13,"title":["Optimal Packet Camouflage Against Traffic Analysis"],"prefix":"10.1145","volume":"24","author":[{"given":"Louma","family":"Chaddad","sequence":"first","affiliation":[{"name":"Department Electrical and Computer Engineering, American University of Beirut, Beirut, Lebanon"}]},{"given":"Ali","family":"Chehab","sequence":"additional","affiliation":[{"name":"Department Electrical and Computer Engineering, American University of Beirut, Beirut, Lebanon"}]},{"given":"Imad H.","family":"Elhajj","sequence":"additional","affiliation":[{"name":"Department Electrical and Computer Engineering, American University of Beirut, Beirut, Lebanon"}]},{"given":"Ayman","family":"Kayssi","sequence":"additional","affiliation":[{"name":"Department Electrical and Computer Engineering, American University of Beirut, Beirut, Lebanon"}]}],"member":"320","published-online":{"date-parts":[[2021,8,19]]},"reference":[{"key":"e_1_2_1_1_1","volume-title":"Global digital future in focus","year":"2018","unstructured":"Comscore. 2018. Global digital future in focus 2018 . Comscore White Paper 6, (2018). Comscore. 2018. Global digital future in focus 2018. Comscore White Paper 6, (2018)."},{"key":"e_1_2_1_2_1","volume-title":"The Statistics Portal for Market Data, Market Research and Market Studies.","year":"2019","unstructured":"Statista.com. 2019. The Statistics Portal for Market Data, Market Research and Market Studies. Retrieved from https:\/\/www.statista.com\/. [Accessed 15 August 2019 .] Statista.com. 2019. The Statistics Portal for Market Data, Market Research and Market Studies. Retrieved from https:\/\/www.statista.com\/. [Accessed 15 August 2019.]"},{"key":"e_1_2_1_3_1","volume-title":"Mobile App Trends Report.","year":"2020","unstructured":"Liftoff. 2019. Mobile App Trends Report. Retrieved from https:\/\/liftoff.io\/ [Accessed 30 Jan. 2020 .] Liftoff. 2019. Mobile App Trends Report. Retrieved from https:\/\/liftoff.io\/ [Accessed 30 Jan. 2020.]"},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2019.2904897"},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2015.2494502"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11276-016-1439-0"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/MNET.2017.1700200"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.addma.2017.11.009"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2017.2707140"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/MCOM.2017.1700246"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2019.2916583"},{"key":"e_1_2_1_12_1","unstructured":"Georgi Ajaeiya Imad H. Elhajj Ali Chehab Ayman Kayssi Marc Kneppers. 2018. Mobile apps identification based on network flows. Knowledge and Information Systems (2018) 1\u201326.  Georgi Ajaeiya Imad H. Elhajj Ali Chehab Ayman Kayssi Marc Kneppers. 2018. Mobile apps identification based on network flows. Knowledge and Information Systems (2018) 1\u201326."},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOMW.2018.8406899"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/CEC.2017.7969609"},{"key":"e_1_2_1_15_1","volume-title":"Proceedings of the 34th Annual Computer Security Applications Conference, ACM, 327--341","author":"Xu","unstructured":"Xu , Yixiao et al. 2018. A multi-tab website fingerprinting attack . In Proceedings of the 34th Annual Computer Security Applications Conference, ACM, 327--341 . Xu, Yixiao et al. 2018. A multi-tab website fingerprinting attack. In Proceedings of the 34th Annual Computer Security Applications Conference, ACM, 327--341."},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23105"},{"key":"e_1_2_1_17_1","volume-title":"Future of Information and Communication Conference. Springer, Cham, 847--867","author":"Ayush Kumar","year":"2019","unstructured":"Kumar Ayush and Teng Joon Lim . 2019 . Early detection of mirai-like IoT bots in large-scale networks through sub-sampled packet traffic analysis . In Future of Information and Communication Conference. Springer, Cham, 847--867 . Kumar Ayush and Teng Joon Lim. 2019. Early detection of mirai-like IoT bots in large-scale networks through sub-sampled packet traffic analysis. In Future of Information and Communication Conference. Springer, Cham, 847--867."},{"key":"e_1_2_1_18_1","volume-title":"IEEE 3rd International Conference on Cloud Computing and Intelligence Systems (CCIS\u201914)","author":"Yu Jishen","year":"2014","unstructured":"Jishen Yu , Feng Liu , Wenli Zhou , and Hua Yu . 2014 . Hadoop-based network traffic anomaly detection in backbone . In IEEE 3rd International Conference on Cloud Computing and Intelligence Systems (CCIS\u201914) , Shenzhen, China , November 27-29, 2014. 140\u2013145. https:\/\/doi.org\/10.1109\/CCIS.2014.7175718 10.1109\/CCIS.2014.7175718 Jishen Yu, Feng Liu, Wenli Zhou, and Hua Yu. 2014. Hadoop-based network traffic anomaly detection in backbone. In IEEE 3rd International Conference on Cloud Computing and Intelligence Systems (CCIS\u201914), Shenzhen, China, November 27-29, 2014. 140\u2013145. https:\/\/doi.org\/10.1109\/CCIS.2014.7175718"},{"key":"e_1_2_1_19_1","doi-asserted-by":"crossref","first-page":"114","DOI":"10.1109\/TIFS.2015.2478741","article-title":"Analyzing android encrypted network traffic to identify user actions","volume":"11","author":"Mauro Conti","year":"2015","unstructured":"Conti Mauro , Luigi Vincenzo Mancini , Riccardo Spolaor , and Nino Vincenzo Verde . 2015 . Analyzing android encrypted network traffic to identify user actions . IEEE Transactions on Information Forensics and Security 11 , 1 (2015), 114 \u2013 125 . Conti Mauro, Luigi Vincenzo Mancini, Riccardo Spolaor, and Nino Vincenzo Verde. 2015. Analyzing android encrypted network traffic to identify user actions. IEEE Transactions on Information Forensics and Security 11, 1 (2015), 114\u2013125.","journal-title":"IEEE Transactions on Information Forensics and Security"},{"key":"e_1_2_1_20_1","volume-title":"Proceedings of the 5th ACM Conference on Data and Application Security and Privacy. ACM, 297--304","author":"Mauro Conti","year":"2015","unstructured":"Conti Mauro , Luigi V. Mancini , Riccardo Spolaor , and Nino Vincenzo Verde . 2015 . Can't you hear me knocking: Identification of user actions on Android apps via traffic analysis . In Proceedings of the 5th ACM Conference on Data and Application Security and Privacy. ACM, 297--304 . Conti Mauro, Luigi V. Mancini, Riccardo Spolaor, and Nino Vincenzo Verde. 2015. Can't you hear me knocking: Identification of user actions on Android apps via traffic analysis. In Proceedings of the 5th ACM Conference on Data and Application Security and Privacy. ACM, 297--304."},{"key":"e_1_2_1_21_1","volume-title":"IEEE 15th International Iranian Society of Cryptology Conference on Information Security and Cryptology (ISCISC). 1--5.","author":"Atieh Bakhshandeh","year":"2018","unstructured":"Bakhshandeh Atieh and Zahra Eskandari . 2018 . An efficient user identification approach based on Netflow analysis . In IEEE 15th International Iranian Society of Cryptology Conference on Information Security and Cryptology (ISCISC). 1--5. Bakhshandeh Atieh and Zahra Eskandari. 2018. An efficient user identification approach based on Netflow analysis. In IEEE 15th International Iranian Society of Cryptology Conference on Information Security and Cryptology (ISCISC). 1--5."},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2016.2577036"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNSM.2019.2933358"},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00521-017-3081-x"},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/NOMS.2018.8406218"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-45744-4_2"},{"key":"e_1_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3278493"},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/3267323.3268960"},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2016.2515050"},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIT.2008.921660"},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-28534-9_9"},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCW.2013.6649446"},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/IWCMC.2012.6314247"},{"key":"e_1_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.28"},{"key":"e_1_2_1_35_1","volume-title":"Proceedings of the Network and Distributed Security Symposium (NDSS\u201909)","author":"Wright Charles V.","year":"2009","unstructured":"Charles V. Wright , Scott E. Coull , and Fabian Monrose . 2009 . Traffic morphing: An efficient defense against statistical traffic analysis . In Proceedings of the Network and Distributed Security Symposium (NDSS\u201909) San Francisco, California, United States, February 8-11. IEEE, 1--14. Charles V. Wright, Scott E. Coull, and Fabian Monrose. 2009. Traffic morphing: An efficient defense against statistical traffic analysis. In Proceedings of the Network and Distributed Security Symposium (NDSS\u201909) San Francisco, California, United States, February 8-11. IEEE, 1--14."},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/ITC.2010.5608728"},{"key":"e_1_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/TPDS.2013.42"},{"key":"e_1_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2019-0040"},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.dcan.2019.09.002"},{"key":"e_1_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICIN.2019.8685871"},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2016.2551203"},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/CCST.2014.6986998"},{"key":"e_1_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/1644893.1644899"},{"key":"e_1_2_1_44_1","volume-title":"10th USENIX Workshop on Offensive Technologies (WOOT\u201916)","author":"Brendan","unstructured":"Brendan Saltaformaggio et al. 2016. Eavesdropping on fine-grained user activities within smartphone apps over encrypted network traffic . In 10th USENIX Workshop on Offensive Technologies (WOOT\u201916) Austin, Texas, USA, August 8-9. 1--10. Brendan Saltaformaggio et al. 2016. Eavesdropping on fine-grained user activities within smartphone apps over encrypted network traffic. In 10th USENIX Workshop on Offensive Technologies (WOOT\u201916) Austin, Texas, USA, August 8-9. 1--10."},{"key":"e_1_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2019.09.008"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243768"},{"key":"e_1_2_1_47_1","first-page":"1","volume-title":"2nd USENIX Workshop on Electronic Commerce Proceedings 1","author":"Wagner David","year":"1996","unstructured":"David Wagner , Bruce Schneier . 1996 . Analysis of the SSL 3.0 protocol . 2nd USENIX Workshop on Electronic Commerce Proceedings 1 , 1 (1996), 29\u201340. David Wagner, Bruce Schneier. 1996. Analysis of the SSL 3.0 protocol. 2nd USENIX Workshop on Electronic Commerce Proceedings 1, 1 (1996), 29\u201340."},{"key":"e_1_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046556.2046570"},{"key":"e_1_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354217"},{"key":"e_1_2_1_50_1","volume-title":"Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security Toronto, Canada, October 15-19","author":"Shuai Li","year":"2018","unstructured":"Li Shuai , Huajun Guo , and Nicholas Hopper . 2018 . Measuring information leakage in website fingerprinting attacks and defenses . In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security Toronto, Canada, October 15-19 . 1977\u20131992. Li Shuai, Huajun Guo, and Nicholas Hopper. 2018. Measuring information leakage in website fingerprinting attacks and defenses. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security Toronto, Canada, October 15-19. 1977\u20131992."},{"key":"e_1_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/2665943.2665950"}],"container-title":["ACM Transactions on Privacy and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3442697","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3442697","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:03:03Z","timestamp":1750197783000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3442697"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,8,19]]},"references-count":51,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2021,8,31]]}},"alternative-id":["10.1145\/3442697"],"URL":"https:\/\/doi.org\/10.1145\/3442697","relation":{},"ISSN":["2471-2566","2471-2574"],"issn-type":[{"value":"2471-2566","type":"print"},{"value":"2471-2574","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,8,19]]},"assertion":[{"value":"2020-03-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2020-12-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2021-08-19","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}