Project summary

Despite the widespread adoption of encryption protocols such as TLS 1.3, recent research, including our own work, has demonstrated that encrypted network traffic remains vulnerable to machine learning (ML)-based traffic analysis. These attacks exploit metadata such as packet sizes, inter-arrival times, and protocol-specific behaviors to infer sensitive information about user activities, websites visited, or applications used, without decrypting payloads. This metadata-based surveillance undermines the fundamental promise of encryption: privacy.

To address this threat, we propose to develop a protocol-aware traffic shaping framework that obfuscates the side-channel features commonly exploited in encrypted traffic analysis. Compared to prior approaches that rely on high-overhead padding or generic traffic morphing, our method will leverage insights from RFCs and our own empirical findings to intelligently perturb traffic in ways that preserve functionality while reducing classifier accuracy.

Our proposed approach is threefold:

1. Design a traffic shaping proxy that operates at the user-space level (via a TUN interface or lightweight proxy) to intercept and modify outbound encrypted traffic in real time.

2. Implement protocol-aware shaping strategies that selectively inject jitter, pad packet sizes, adjust burst patterns, and introduce plausible dummy flows, guided by known ML classifier vulnerabilities and protocol semantics.

3. Evaluate privacy gains by measuring the drop in classification accuracy of state-of-the-art traffic analysis models (including those we developed in prior work) and quantify performance trade-offs in terms of latency, throughput, and bandwidth.

By aligning our defenses with protocol constraints and real-world usability, this research aims to deliver a practical and deployable privacy-enhancing technology that mitigates metadata leakage in encrypted communications, strengthening user trust in digital privacy infrastructure.