Pierre-Louis Goudet

Obfuscation of Human Activities in Encrypted Communications: Application to Maritime Industrial Networks

 

Ph.D. Context

The protection of data exchanged over digital networks is one of the major societal challenges, whether it concerns online privacy or confidential information processed by the military.

Several mechanisms ensure the security of communications on digital networks. The most crucial is data encryption. A sufficiently strong encryption method ensures that decrypting the data without possessing the decryption key is so improbable that it is considered impossible. Indeed, state-of-the-art encryption algorithms rely on mathematical problems that have been proven to be unsolvable within a reasonable timeframe. The advent of quantum computing has been widely anticipated, and post-quantum algorithms are already available.

However, encryption applies only to the payload of transmitted messages and not to network frames, which must be decoded to travel through network nodes from sender to receiver. Metadata and statistical analysis of these frames can reveal numerous insights that should remain inaccessible.

Several prior works are related to this subject, particularly studies on intent identification in cyberattacks (Merien et al., 2018) and labeled network traffic generation (Nogues et al., 2019). The Ph.D. of Maxence Lannuzel (CIFRE Thesis, Interface Concept, 2022-2025) focuses on identifying digital activities within networks through the design of an intelligent switch (Lannuzel & Brosset, 2024). These studies build upon activity theory, which has previously been used to study intermodal urban mobility in Ines Jguirim's thesis (AER, 2012-2016). The results demonstrate that activity identification is effective on encrypted flows using robust algorithms resilient to false packet injection. A digital activity fingerprinting method is currently under development.

Based on Maxence Lannuzel’s findings, it appears that network communication classification and network analysis are feasible (A. Bozorgi et al., 2023). This threatens individuals' privacy protection and the confidentiality of sensitive information.

Several studies have explored communication obfuscation (W. Li et al., 2023, Y.-W. Lee et al., 2022, Meier et al., 2022), primarily aiming to prevent traffic analysis but without addressing the generated noise that signals modifications to the traffic.

The proposed research aims to mimic real digital activities to camouflage actual activities while minimizing noise. This solution is also beneficial for preserving quality of service. By modifying activities through packet injection based on well-identified activities, it is possible to maintain the original network traffic dimensions.

Scientific Challenges

The key scientific challenges include:

Computing similarity between digital activities;

Identifying elements that allow the transformation of one activity into another;

Generating adversarial examples for AI-based network traffic classification algorithms;

Developing methods to conceal data to protect privacy and sensitive information in maritime industrial networks;

Designing indicators to ensure that crew members' personal data and strategic information about maritime operations and navigation routes cannot be inferred;

Developing algorithms capable of generating realistic digital activities that mimic normal behavior in maritime networks, making obfuscation as undetectable as possible;

Analyzing the impact of activity imitation techniques on the QoS of maritime networks.

Naval Interest

Ubiquitous communication encryption creates a false sense of security and anonymity. The emergence of increasingly powerful AI-based network communication classification algorithms poses a threat to the protection of sensitive information. Moreover, network traffic categorization can enable network topology recognition, facilitating targeted cyberattacks.

The advanced network obfuscation methods developed in this research will enhance communication protection and improve the security of critical system-of-systems.

References

T. Merien, D. Brosset, X. Bellekens, and C. Claramunt, “A human-centred model for network flow analysis,” in 2018 2nd Cyber Security in Networking Conference (CSNet), IEEE, 2018, pp. 1–6.

M. Nogues, D. Brosset, H. Hindy, X. Bellekens, and Y. Kermarrec, “Labelled network capture generation for anomaly detection,” in International Symposium on Foundations and Practice of Security, Springer, 2019, pp. 98–113.

M. Lannuzel, D. Brosset, What network footprints expose about your online activities, Submitted, 2024.

I. Jguirim, Modeling and Generating Contextual Urban Activity Routes in the City. 2016. Ph.D. dissertation. University of Western Brittany, Brest.

A. Bozorgi et al., “I Still Know What You Did Last Summer: Inferring Sensitive User Activities on Messaging Applications Through Traffic Analysis,” IEEE Transactions on Dependable and Secure Computing, vol. 20, no. 5, pp. 4135–4153, 2023, doi: 10.1109/TDSC.2022.3218191.

W. Li et al., “Prism: Real-Time Privacy Protection Against Temporal Network Traffic Analyzers,” IEEE Transactions on Information Forensics and Security, vol. 18, pp. 2524–2537, 2023, doi: 10.1109/TIFS.2023.3267885.

Y.-W. Lee, S. H. Baek, J. T. Seo, and K.-W. Park, “Network Traffic Obfuscation System for IIoT-Cloud Control Systems,” Computers, Materials & Continua, 2022, [Online]. Available: https://api.semanticscholar.org/CorpusID:248340279

R. Meier, V. Lenders, and L. Vanbever, “ditto: WAN Traffic Obfuscation at Line Rate,” in 29th Annual Network and Distributed System Security Symposium, NDSS 2022, 2022. doi: 10.14722/ndss.2022.24056.