Kulshrestha, A., & Mayer, J. (2022). Estimating Incidental Collection in Foreign Intelligence Surveillance: Large-Scale Multiparty Private Set Intersection with Union and Sum. 31st USENIX Security Symposium (Under Revision).
Scheffler, S., Kulshrestha, A., & Mayer, J. (2022). Public Verification for Private Hash Matching: Challenges, Policy Responses, and Protocols. Under Revision.
Wang, M., Kulshrestha, A., Wang, L., & Mittal, P. (2022). Leveraging Strategic Connection Migration-Powered Traffic Splitting for Privacy. Proceedings of the 22nd Privacy Enhancing Technologies Symposium.
Best HotPETs 2021 Talk
Abstract: Network-level adversaries have developed increasingly sophisticated techniques to surveil and control users’ network traffic. In this paper, we exploit
our observation that many encrypted protocol connections are no longer tied to device IP address (e.g., the
connection migration feature in QUIC, or IP roaming
in WireGuard and Mosh), due to the need for performance in a mobile-first world. We design and implement a novel framework, Connection Migration Powered Splitting (CoMPS), that utilizes these performance
features for enhancing user privacy. With CoMPS, we
can split traffic mid-session across network paths and
heterogeneous network protocols. Such traffic splitting
mitigates the ability of a network-level adversary to perform traffic analysis attacks by limiting the amount of
traffic they can observe. We use CoMPS to construct
a website fingerprinting defense that is resilient against
traffic analysis attacks by a powerful adaptive adversary
in the open-world setting. We evaluate our system using both simulated splitting data and real-world traffic
that is actively split using CoMPS. In our real-world
experiments, CoMPS reduces the precision and recall of
VarCNN to 29.9% and 36.7% respectively in the open-world setting with 100 monitored classes. CoMPS is not
only immediately deployable with any unaltered server
that supports connection migration, but also incurs little overhead, decreasing throughput by only 5-20%.