This project is a proof of concept, demonstrating the capability to make one TCP stream look like another. Once finalized, Chameleon will likely live inside one of the Tor pluggable transports, enabling protection against particular types of HTTP timing side channels.
As a research prototype, this code is public domain.
When emulating a stream of a user watching a YouTube video, Chameleon is able to reproduce the packet sizes and times with reasonably good accuracy:
The above graph showed the performance of loading this video, without
adblocking, for 24 seconds; this evaluation was done in Chrome, which
negotiates the ECDHE-RSA-RC4-SHA cipher suite.
As can be seen in the above data, there is still work to be done. In particular, the code has a race condition when packets are sent faster than 500 Hz; as a result, packets sent faster than that are put into a queue, smearing the resulting packet stream somewhat. We also do not yet support actually sending data over the resulting stream.
The Jupyter notebook for this example is also available for reference.
When capturing data, we used tcpdump -i iface -w File.pcap.