Have No PHEAR: Networks Without Identifiers

Abstract

Network protocols such as Ethernet and TCP/IP were not designed to ensure the security and privacy of users. To protect users' privacy, anonymity networks such as Tor have been proposed to hide both identities and communication contents for Internet traffic. However, such solutions cannot protect enterprise network traffic that does not transit the Internet. In this paper, we present the design, implementation, and evaluation of Packet Header Randomization (PHEAR), a privacy-enhancing system for enterprise networks that leverages emerging Software-Defined Networking hardware and protocols to eliminate identifiers found at the MAC, Network, and higher layers of the network stack. PHEAR also encrypts all packet data beyond the Network layer. We evaluate the security of PHEAR against a variety of known and novel attacks and conduct whole-network experiments that show the prototype deployment provides sufficient performance for common applications such as web browsing and file sharing.

Document Details

Document Type: Technical Report
Publication Date: Dec 07, 2015
Accession Number: AD1034741

Entities

People

  • Hamed Okhravi
  • Kevin Bauer
  • Richard W. Skowyra
  • Veer S. Dedhia
  • William W. Streilein

Organizations

  • MIT Lincoln Laboratory

Tags

Communities of Interest

  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Anonymous Communications
  • Application Protocols
  • Authentication
  • Computer Network Security
  • Computer Networks
  • Computing System Architectures
  • Cryptography
  • Electronic Mail
  • Electronic Messaging
  • Internet
  • Local Area Networks
  • Network Protocols
  • Network Topology
  • Operating Systems
  • Security Protocols
  • Software Defined Networks
  • Transport Protocols

Fields of Study

  • Computer science

Readers

  • Computer Networking
  • Cybersecurity