SnailLoad: Eavesdropping without MITM or target system code

An attack method discovered by a research team at Graz University of Technology reveals which websites or videos Internet users are currently viewing. Surprisingly, the method works without any snooping software on the victim's device. The attacks can be carried out from any location on the Internet from which IP packets can be sent to the victim. The research team includes Daniel Gruss and Stefan Gast, who were also involved in the discovery of the two vulnerabilities in Intel processors, Spectre and Meltdown.

The eavesdropping attack called SnailLoad is since downloads of different files exhibit fluctuations in packet runtimes (round trip times, RTTs), and that these fluctuations are individual, provided that the same file is downloaded from the same server on the same network path. This is the case with many downloads, such as common websites or YouTube videos. In addition, if two files are downloaded at the same time, the fluctuation pattern of one influences the fluctuations of the other in a characteristic way. If you know the patterns of both files, you can draw conclusions about the other file from one of the patterns alone.

The cause of the typical latency fluctuations are buffers in network nodes at the transition from the providers' fast core networks to the "last mile", which leads to the victims' connection. Any network activity of the victims fills and empties the buffers in a specific way, which in turn leads to characteristic transmission delays on the server side.

Video and website fingerprinting

To measure this, the attackers need a server that sends a file to the victim system for an extended period of time and whose transmission times of the individual data packets can be read out precisely. The file can be a large but invisible image on a website; its typical latency serves as a probe during the measurement setup. Finally, you need the latency patterns of the files that you want to identify using the probe. However, these are easy to obtain from common websites or YouTube videos.

To test the method in practice, the researchers set themselves the goal of identifying certain YouTube videos. To achieve this, they recorded network latency curves while the victim watched various YouTube videos in Full-HD resolution. The latency values were treated using Short-Time Fourier Transforms, and these results were fed to a Convolutional Neural Network to assign the various curves to specific videos. When analyzing ten different Internet connections, SnailLoad achieved accuracies of between 37 and 98 percent.

Specific websites could also be identified in the same way. In a scenario with 100 popular websites, SnailLoad achieved a rate of 63 percent. Remarkably, the attack also worked when the training and test data came from different network connections, albeit with reduced accuracy.

SnailLoad significantly expands the variants for side-channel attacks via the network. Numerous previous works that rely on a man-in-the-middle could be transformed into fully remote attacks. Presumably, the method can also detect when two users are making video calls to each other.

Defense options

The authors consider the defense against a SnailLoad eavesdropping attack to be a challenge, because the causes – different bandwidths and buffers in the network path –} can hardly be eliminated. "Artificially adding noise to the network connection can reduce the accuracy of the attack, but at the expense of the quality of service for the user," the researchers write in their study.

Christoph Lüders, one of the original developers behind the Windows tuning tool cFosSpeed, believes the method is plausible, but also sees potential defenses: "What we know from experience is that downloads from different servers do indeed leave different latency patterns on the client. However, this is only statistically significant if you send at least thousands of packets. There are obvious ways to circumvent this technique: you could send some junk data before or after, possibly simply with HTTP-X headers. There could be small pauses when sending, the sender could send the data with small delays or send a half-full block of data occasionally. Or the sender could simply send old data blocks again. The receiver would simply discard them. The receiver could also delay the acknowledgement of receipt (ACK packets) slightly. There are certainly other ways, and of course combinations of all "measures".

In principle, things like different network cards, user devices with different loads during the measurement, different TCP stacks or simply different surfing behavior could also affect the quality of the measurement. We therefore asked Stefan Gast, first author of the study, for further information.

c't: Did you investigate how different operating systems, or rather different TCP stacks, behave in your measurement scenario?

Stefan Gast: One of our participants ran the video fingerprinting on macOS and it works just as well there as on Linux. We also ran a few of our basic experiments on Windows. It is possible that any background network activity on Windows adds a little more noise to our signal. However, this could be compensated for by more training data or longer recordings, as with other side-channel attacks.

The underlying cause is the different speeds of backbone connections and typical Internet connections. This means that the effect occurs regardless of the TCP/IP stack used.

c't: From asymmetric Internet connections, which send slower than they receive, we know the phenomenon that any uploads can slow down a download. How do uploads affect the analysis accuracy of SnailLoad?

Stefan Gast: Parallel transfers, whether uploads or downloads, significantly degrade our results if they actually exceed the capacity of the Internet connection – upstream or downstream –. We have investigated and proven this for downloads, see Section 8, Figure 11 in our paper. There will be a similar effect with parallel uploads, except that the outgoing packets will then accumulate on the Internet gateway, i.e. the router.

(dz)