HTTPOS: Sealing Information Leaks with Browser-side Obfuscation of Encrypted Flows § § § † § ‡ Xiapu Luo ∗, Peng Zhou , Edmond W. W. Chan , Wenke Lee , Rocky K. C. Chang , Roberto Perdisci The Hong Kong Polytechnic University§, Georgia Institute of Technology†, University of Georgia‡ § † ‡ {csxluo,cspzhouroc,cswwchan,csrchang}@comp.polyu.edu.hk ,
[email protected] ,
[email protected] Abstract be profiled from traffic features [29]. A common approach to preventing leaks is to obfuscate the encrypted traffic by Leakage of private information from web applications— changing the statistical features of the traffic, such as the even when the traffic is encrypted—is a major security packet size and packet timing information [13,23,35,38]. threat to many applications that use HTTP for data deliv- Existing methods for defending against information ery. This paper considers the problem of inferring from en- leaks, however, suffer from quite a few problems. A major crypted HTTP traffic the web sites or web pages visited by problem is that, as server-side solutions, they require modi- a user. Existing browser-side approaches to this problem fications of web entities, such as browsers, servers, and even cannot defend against more advanced attacks, and server- web objects [13,38]. Modifying the web entities is not fea- side approaches usually require modifications to web enti- sible in many circumstances and cannot easily satisfy differ- ties, such as browsers, servers, or web objects. In this paper, ent applications’ requirements on information leak preven- we propose a novel browser-side system, namely HTTPOS, tion. A second fundamental problem with these methods to prevent information leaks and offer much better scalabil- is that they are still vulnerable to some advanced traffic- ity and flexibility.