Prova de Doutoramento do Aluno Diogo Miguel Barrinha Barradas
15 junho 2021, 09:51 • Sandra Espírito Santo
PROVA DE DOUTORAMENTO
Candidato : Diogo Miguel Barrinha BarradasTítulo da Tese: “Unobservable Multimedia-based Covert Channels for Internet Censorship Circumvention”
LOCAL DA PROVA:
Link de Zoom : https://videoconf-colibri.zoom.us/j/89127528803
DATA: 22/07/2021
HORA: 10:30H
Orientador: Professor Luís Eduardo Teixeira Rodrigues
Co- Orientador: Professor Nuno Miguel Carvalho dos Santos
Thesis Abstrat:
DATA: 22/07/2021
HORA: 10:30H
Orientador: Professor Luís Eduardo Teixeira Rodrigues
Co- Orientador: Professor Nuno Miguel Carvalho dos Santos
Thesis Abstrat:
Totalitarian states are known to deploy large-scale surveillance and censorship mechanisms in order to deter citizens from accessing or publishing information on the Internet. Still, even the most oppressive regimes cannot afford to always block all channels with the outside world, and usually allow the operation of widely used services such as video-conferencing applications. This has given rise to the development of censorship-resistant communication tools that rely on the establishment of covert channels in the Internet by encoding covert data within popular multimedia protocols that use encrypted communication, e.g., Skype. A recent approach for the design of such tools, named multimedia protocol tunneling, modulates covert data into the audio and/or video feeds provided to multimedia applications. However, depending on the techniques used to embed covert data, and on the amount of information to embed, multimedia protocol tunneling tools may generate network flows that differ subtly from legitimate flows that do not carry covert channels. Notably, such differences can be uncovered using strictly passive methods (e.g., by observing the length or inter-arrival time of network packets). Incidentally, one of the major challenges faced by the above tools is that of achieving a proper balance between traffic analysis resistance and performance (e.g., achieve sufficient throughput for enabling web browsing activities). This thesis focuses on the study of the efficacy of multimedia protocol tunneling tools to evade the censor- ship apparatus deployed by network adversaries, while providing sufficient performance for enabling common Internet activities (e.g., web browsing). First, we show that the covert channels generated by existing tools are prone to detection. Specifically, we developed a new machine learning (ML)-based traffic analysis frame- work which has broken the security assumptions of recent multimedia protocol tunneling tools. Second, we show that network adversaries currently possess the means to perform sophisticated ML-based network flow classification tasks at line-speed. To this end, we worked towards the efficient deployment of multiple ML-based traffic analysis frameworks (including our own) in programmable switches. Third, we devised a new technique for creating traffic analysis resistant covert channels over multimedia streams. Our approach, based on the careful modification of the video encoding pipeline of the WebRTC framework, allows for the creation of high-speed covert channels over multimedia flows whose traffic patterns closely resemble those of legitimate flows.