Stealthy traffic analysis of low-latency anonymous communication using throughput fingerprinting

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2011, Pages 215-226

  Mittal, Prateek ^a   Khurshid, Ahmed ^a   Juen, Joshua ^a   Caesar, Matthew ^a   Borisov, Nikita ^a  

^a UNIVERSITY OF ILLINOIS AT URBANA CHAMPAIGN   (United States)

Author keywords

Anonymity; Attacks; Throughput

Indexed keywords

ANONYMITY; ANONYMOUS COMMUNICATION; ATTACKS; ERROR RATE; HIGH CONFIDENCE; LOW-LATENCY; MULTIPLE CONNECTIONS; TCP CONNECTIONS; TRAFFIC ANALYSIS; UNLINKABILITY;

COMPUTER CONTROL SYSTEMS; ENTROPY; NETWORK SECURITY; TRANSMISSION CONTROL PROTOCOL;

THROUGHPUT;

EID: 80755187817     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2046707.2046732     Document Type: Conference Paper

References (51)

1. http://netfiles.uiuc.edu/mittal2/www/throughput-fingerprinting.html.
2. Cisco Systems, Inc., Cisco IOS Netflow. http://www.cisco.com/en/US/ products/ps6601/products-ios-protocol-group-home.html.
3. Symantec data loss prevention. http://www.Symantec.com/business/products/ family.jsp?familyid=data-loss-prevention.
4. ABBOTT, T., LAI, K., LIEBERMAN, M., AND PRICE, E. Browser-based attacks on Tor. In PETS (2007).
5. ALSABAH, M., BAUER, K., GOLDBERG, I., GRUNWALD, D., MCCOY, D., SAVAGE, S., AND VOELKER, G. DefenestraTor: Throwing out windows in Tor. Tech. rep., University of Waterloo, 2011.
6. BACK, A., GOLDBERG, I., AND SHOSTACK, A. Freedom systems 2.1 security issues and analysis. White paper, Zero Knowledge Systems, Inc., May 2001.
7. BACK, A., MÖLLER, U., AND STIGLIC, A. Traffic analysis attacks and trade-offs in anonymity providing systems. In IH (2001).
8. BERTHOLD, O., FEDERRATH, H., AND KÖHNTOPP, M. Project "anonymity and unobservability in the Internet". In 10th Conf. on Computers, Freedom and Privacy (2000).
9. BERTHOLD, O., FEDERRATH, H., AND KOPSELL, S. Web MIXes: A system for anonymous and unobservable Internet access. In Proceedings of Designing Privacy Enhancing Technologies: Workshop on Design Issues in Anonymity and Unobservability (2000).
10. BORISOV, N., DANEZIS, G., MITTAL, P., AND TABRIZ, P. Denial of service or denial of security? How attacks on reliability can compromise anonymity. In CCS (2007).
11. CHAKRAVARTY, S., STAVROU, A., AND KEROMYTIS, A. D. Traffic analysis against low-latency anonymity networks using available bandwidth estimation. In ESORICS (2010).
12. CHAUM, D. Untraceable electronic mail, return addresses, and digital pseudonyms. CACM 24, 2 (1981).
13. DANEZIS, G. Statistical disclosure attacks: Traffic confirmation in open environments. In Proceedings of Security and Privacy in the Age of Uncertainty, (SEG2003) (2003).
14. DANEZIS, G., DINGLEDINE, R., AND MATHEWSON, N. Mixminion: Design of a Type III anonymous remailer protocol. In IEEE S&P (2003).
15. DIAZ, C., SEYS, S., CLAESSENS, J., AND PRENEEL, B. Towards measuring anonymity. In PETS (2002).
16. DINGLEDINE, R., MATHEWSON, N., AND SYVERSON, P. Tor: The second-generation onion router. In USENIX Security (2004).
17. EDMAN, M., AND SYVERSON, P. AS-awareness in Tor path selection. In CCS (2009).
18. EMULAB. EMULAB - Network Emulation Testbed Home. https://www.emulab.net/.
19. EVANS, N. S., DINGLEDINE, R., AND GROTHOFF, C. A practical congestion attack on Tor using long paths. In USENIX Security (2009).
20. FEAMSTER, N., AND DINGLEDINE, R. Location diversity in anonymity networks. In WPES (2004).
21. FISHER, R. On the probable error of a coefficient of correlation deduced from a small sample. Metron (1921).
22. GULCU, C, AND TSUDIK, G. Mixing E-mail with Babel. In NDSS (1996).
23. HE, J., SUCHARA, M., BRESLER, M., REXFORD, J., AND CHIANG, M. Rethinking Internet traffic management: From multiple decompositions to a practical protocol. In CoNext (2007).
24. HOPPER, N., VASSERMAN, E. Y., AND CHAN-TIN, E. HOW much anonymity does network latency leak? In CCS (2007).
25. HOPPER, N., VASSERMAN, E. Y., AND CHAN-TIN, E. HOW much anonymity does network latency leak? ACM Trans. Inf. Syst. Secur. (2010).
26. HOUMANSADR, A., AND BORISOV, N. SWIRL: A scalable watermark to detect correlated network flows. In NDSS (2011).
27. Hu, N., LI, L., MAO, Z., STEENKISTE, P., AND WANG, J. A measurement study of Internet bottlenecks. INFOCOM (2005).
28. I2P. I2P anonymous network. http://www.i2p2.de/index.html, 2003.
29. JACOBSON, V. Pathchar. http: //www.caida.org/tools/utilities/others/ pathchar/.
30. KESDOGAN, D., AGRAWAL, D., AND PENZ, S. Limits of anonymity in open environments. In IH (2002).
31. KOBLAS, D., AND KOBLAS, M. R. SOCKS. In UNIX Security III Symposium (1992).
32. LOESING, K. Measuring the Tor network from public directory information. In HotPets (2009).
33. MCLACHLAN, J., AND HOPPER, N. Don't clog the queue! Circuit clogging and mitigation in P2P anonymity schemes. In FC (2008).
34. MITTAL, P., KHURSHID, A., JUEN, J., CAESAR, M., AND BORISOV, N. Stealthy traffic analysis of low-latency anonymous communication using throughput-fingerprinting, 2011. Available at http://netfiles.uiuc.edu/mittal2/ www/throughput-fingerprinting.pdf.
35. MITTAL, P., PAXSON, V., SOMMER, R., AND WINTERROWD, M. Securing mediated trace access using black-box permutation analysis. In HotNets (2009).
36. MOLLER, U., COTTRELL, L., PALFRADER, P., AND SASSAMAN, L. Mixmaster Protocol - Version 2. IETF Internet Draft, July 2003.
37. MURDOCH, S. J. Hot or not: Revealing hidden services by their clock skew. In CCS (2006).
38. MURDOCH, S. J., AND DANEZIS, G. Low-cost traffic analysis of Tor. In IEEE S&P (2005).
39. MURDOCH, S. J., AND ZIELINSKI, P. Sampled traffic analysis by Internet-exchange-level adversaries. In PETS (2007).
40. OVERLIER, L., AND SYVERSON, P. Locating hidden servers. In IEEE S&P (2006).
41. PADHYE, J., FIROIU, V., TOWSLEY, D., AND KUROSE, J. Modeling tcp throughput: a simple model and its empirical validation. SIGCOMM Comput. Commun. Rev. 28 (October 1998), 303-314. (Pubitemid 128566467)
42. PERRY, M. Torflow: Tor network analysis. In HotPets (2009).
43. RAYMOND, J.-F. Traffic analysis: Protocols, attacks, design issues, and open problems. In Designing Privacy Enhancing Technologies (2000).
44. SERJANTOV, A., AND DANEZIS, G. Towards an information theoretic metric for anonymity. In PET (2002).
45. SNADER, R., AND BORISOV, N. Eigenspeed: Secure peer-to-peer bandwidth evaluation. In IPTPS (2009).
46. SYVERSON, P., TSUDIK, G., REED, M., AND LANDWEHR, C. Towards an analysis of onion routing security. In Designing Privacy Enhancing Technologies (2000), pp. 96 - 114.
47. SYVERSON, P. F., GOLDSCHLAG, D. M., AND REED, M. G. Anonymous connections and onion routing. Security and Privacy, IEEE Symposium on 0 (1997).
48. THE TOR PROJECT. Tor metrics portal. http://metrics.torproject.org/.
49. THE TOR PROJECT. Who uses Tor. http://www.torproject.org/about/torusers. html.en. Accessed Februrary 2011.
50. WRIGHT, M., ADLER, M., LEVINE, B. N., AND SHIELDS, C. An analysis of the degradation of anonymous protocols. In NDSS (2002).
51. WRIGHT, M., ADLER, M., LEVINE, B. N., AND SHIELDS, C. Defending anonymous communication against passive logging attacks. In IEEE S&P (2003).