RAVEN: Stateless Rapid IP Address Variation for Enterprise Networks

Authors: Liang Wang (Princeton University), Hyojoon Kim (Princeton University), Prateek Mittal (Princeton University), Jennifer Rexford (Princeton University)

Volume: 2023
Issue: 3
Pages: 194–210
DOI: https://doi.org/10.56553/popets-2023-0077

Download PDF

Abstract: Enterprise networks face increasing threats against the privacy of their clients. Existing enterprise services like Network Address Translation (NAT) offer limited privacy protection, at the cost of requiring per-flow state. In this paper, we introduce RAVEN (Rapid Address Variation for Enterprise Networks), a network-based privacy solution that is complementary to application-layer defenses. RAVEN protects privacy by frequently changing the client's public IP address. With RAVEN, a client is not limited to using a single IP address at a given time, or even for a given connection. RAVEN goes further, breaking the association between packets that belong to the same connection by frequently changing the client's IP address within a single connection. RAVEN achieves this through a novel division of labor: the client uses a transport protocol, like QUIC, that supports seamless connection migration, and decides when to switch its IP address, while the enterprise network actually changes the client's IP address in a stateless manner at line rate and ensures end-to-end packet delivery. We implement RAVEN using QUIC and off-the-shelf programmable switches. We deploy RAVEN in a test IPv6 network and evaluate its defense against webpage fingerprinting attacks. Even with a strong adversary, the average precision of the best adaptive attacks drops from 0.96 to 0.84, with a 0.5% degradation in client throughput. When RAVEN changes IP addresses at unpredictable frequency, the precision of the best attacks falls to 0.78---the same effectiveness as WTF-PAD.

Keywords: privacy, traffic analysis, programmable data plane, P4, QUIC

Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution 4.0 license.