Date of Award
Master of Science (MS)
The Internet today is made up of large networks known as autonomous systems (ASes). These networks are given ownership over static blocks of IP prefixes, which they announce using the Border Gateway Protocol (BGP). These static mappings of IP prefixes to ASes are well known and publicly available. This makes it easy for individuals, corporations, and governments to target specific entities for traffic analysis. This thesis describes traffic analysis in terms of three scopes of trust, discussing the risks and requirements at each level. It then looks at traffic captured at Clemson University, showing how much information is actually made available through packet header information. It then proposes a Traffic Analysis Resistant Network (TARN), with varying network architectures to deal with the different scopes of trust. A TARN prototype was constructed and evaluated using the GENI and PEERING testbeds. This thesis then discusses the results of the evaluation, showing that TARN is a feasible solution to the vulnerabilities caused by static IP prefix allocations. Finally, it considers future deployments, discussing potential scalability concerns of a large TARN deployment.
Barrineau, Christian Geddings, "TARN: Towards A Traffic Analysis Resistant Network" (2021). All Theses. 3581.