In this paper we present a slotted packet counting attack against anonymity protocols. Common packet counting attacks make strong assumptions on the setup and can easily lead to wrong conclusions, as we will show in our work. To overcome these limitations, we account for the variation of traffic load over time. We use correlation to express the relation between sender and receiver nodes. Our attack is applicable to many anonymity protocols. It assumes a passive attacker and works with partial knowledge of the network traffic.
Disciplines:
Computer science
Identifiers:
UNILU:UL-CONFERENCE-2009-691
Author, co-author:
FUSENIG, Volker ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
STAAB, Eugen ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
SORGER, Ulrich ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
ENGEL, Thomas ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
External co-authors:
no
Document language:
English
Title:
Slotted Packet Counting Attacks on Anonymity Protocols
Publication/release date:
2009
Event name:
Australasian Information Security Conference (AISC2009)
Event location:
Wellington, New Zealand
Event date:
January 2009
Event scope:
International
Main work title:
The proceedings of the Australasian Information Security Conference