NDSS 2025 – The Discriminative Power Of Cross-layer RTTs In Fingerprinting Proxy Traffic

SESSION
Session 3A: Network Security 1

Authors, Creators & Presenters: Diwen Xue (University of Michigan), Robert Stanley (University of Michigan), Piyush Kumar (University of Michigan), Roya Ensafi (University of Michigan)

-----

PAPER

-----

The Discriminative Power of Cross-layer RTTs in Fingerprinting Proxy Traffic The escalating global trend of Internet censorship has necessitated an increased adoption of proxy tools, especially obfuscated circumvention proxies. These proxies serve a fundamental need for access and connectivity among millions in heavily censored regions. However, as the use of proxies expands, so do censors' dedicated efforts to detect and disrupt such circumvention traffic to enforce their information control policies. In this paper, we bring out the presence of an inherent fingerprint for detecting obfuscated proxy traffic. The fingerprint is created by the misalignment of transport- and application-layer sessions in proxy routing, which is reflected in the discrepancy in Round Trip Times (RTTs) across network layers. Importantly, being protocol-agnostic, the fingerprint enables an adversary to effectively target multiple proxy protocols simultaneously. We conduct an extensive evaluation using both controlled testbeds and real-world traffic, collected from a partner ISP, to assess the fingerprint's potential for exploitation by censors. In addition to being of interest on its own, our timing-based fingerprinting vulnerability highlights the deficiencies in existing obfuscation approaches. We hope our study brings the attention of the circumvention community to packet timing as an area of concern and leads to the development of more sustainable countermeasures.

-----
ABOUT NDSS
-----

The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.

Our thanks to the **[Network and Distributed System Security (NDSS) Symposium][1]** for publishing their Creators, Authors and Presenter’s superb **[NDSS Symposium 2025 Conference][2]** content on the **[organization’s’][1]** **[YouTube][3]** channel.

Permalink

The post NDSS 2025 – The Discriminative Power Of Cross-layer RTTs In Fingerprinting Proxy Traffic appeared first on Security Boulevard.