Slitheen++: Stealth TLS-based Decoy Routing
Benedikt Birtel, Christian Rossow
https://censorbib.nymity.ch/#Birtel2020a
https://www.usenix.org/conference/foci20/presentation/birtel (video and slides)
https://cispa.saarland/group/rossow/papers/tr-slitheen++.pdf (extended technical report)
https://cispa.saarland/group/rossow/files/Slitheen++.tar.gz (source code)
Slitheen++ is a collection of refinements to Slitheen, a decoy routing design that prioritizes indistinguishability of traffic patterns. Slitheen++ responds to certain issues that were left open in the original Slitheen design, and fixes bugs in its prototype implementation. For the most part, the changes are intended to decrease distinguishability, but Slitheen++ also make compromises in the downstream direction, increasing distinguishability for the sake of more consistent throughput.
Recall that Slitheen works by traffic replacement in HTTPS connections. In the upstream direction, the client sends data in an “X-Slitheen” HTTP header, deleting or compressing other headers to make room without changing the packet size. In the downstream direction, the relay station replaces the contents of “leaf” resources, such as images and videos, again without changing their size. An overt user simulator provides a carrier for the covert session by imitating a human web user, fetching HTTPS pages so that Slitheen can replace their content. Slitheen++ makes a number of changes:
- The Slitheen paper left the details of the overt user simulator open, and its prototype implementation was simplistic. In Slitheen++, the overt user simulator is more realistic, following links within a domain, and inserting delays between fetches to simulate the thinking time of a human user.
- The upstream channel uses code book–style compression of HTTP headers to make room for the X-Slitheen header. Something of this nature was proposed in the Slitheen paper but not implemented in the prototype.
- Alternative stream schedulers provide better fairness between the many streams that are multiplexed into a covert session.
- Various code-quality bugs, like uninitialized variables, are fixed.
- Slitheen++ removes superencryption of covert data, which was introduced in the followup to the Slitheen paper, “Secure asymmetry and deployability for decoy routing systems” (Appendix B). The Slitheen++ authors argue that much of what you would want to send through the covert tunnel is already separately encrypted and authenticated—by TLS, for example—making the superencryption unnecessary.
- Neither Slitheen nor Slitheen++ can replace traffic when TCP segments arrive out of order, or when a TLS record does not fit in a single TCP segment. In Slitheen++, covert TLS flows are run through a normalizing proxy (Apache Traffic Server) to reorder packets and reduce the size of TLS records. This provides more usable downstream capacity, at the cost of altering traffic patterns and network fingerprints.
Some other acknowledged issues from Slitheen are left open:
- Slitheen++ requires symmetric routes and downstream flow blocking.
- Slitheen++ does not work with HTTP/2.
Slitheen++ is evaluated in a VM environment, with the client, normalizing TLS proxy, and relay station running on the same host. The experiments test downloading a web page from ten different domains, using wikipedia.org as the overt domain. The link-following feature of the overt user simulator in Slitheen++ slightly diminishes performance, because different links have different leaf resources and therefore downstream capacity. Simulated thinking time in the overt user simulator increases covert page download times by several seconds.
Thanks to the authors for commenting on a draft of this summary.