skip to main content
research-article

Compromising anonymous communication systems using blind source separation

Published:06 November 2009Publication History
Skip Abstract Section

Abstract

We propose a class of anonymity attacks to both wired and wireless anonymity networks. These attacks are based on the blind source separation algorithms widely used to recover individual signals from mixtures of signals in statistical signal processing. Since the philosophy behind the design of current anonymity networks is to mix traffic or to hide in crowds, the proposed anonymity attacks are very effective.

The flow separation attack proposed for wired anonymity networks can separate the traffic in a mix network. Our experiments show that this attack is effective and scalable. By combining the flow separation method with frequency spectrum matching, a passive attacker can derive the traffic map of the mix network. We use a nontrivial network to show that the combined attack works.

The proposed anonymity attacks for wireless networks can identify nodes in fully anonymized wireless networks using collections of very simple sensors. Based on a time series of counts of anonymous packets provided by the sensors, we estimate the number of nodes with the use of principal component analysis. We then proceed to separate the collected packet data into traffic flows that, with help of the spatial diversity in the available sensors, can be used to estimate the location of the wireless nodes. Our simulation experiments indicate that the estimators show high accuracy and high confidence for anonymized TCP traffic. Additional experiments indicate that the estimators perform very well in anonymous wireless networks that use traffic padding.

References

  1. Bahl, P. and Padmanabhan, V. N. 2000. Radar: An in-building-based user location and tracking system. In Proceedings of the 19th Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM'00). IEEE, Los Alamitos, CA, 775--784.Google ScholarGoogle Scholar
  2. Belouchrani, A., Abed-Meraim, K., Cardoso, J.-F., and Moulines, E. 1997. A blind source separation technique using second order statistics. IEEE Trans. Signal Process. 45, 2, 434--444. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Berthold, O. and Langos, H. 2002. Dummy traffic against long term intersection attacks. In Proceedings of the Privacy Enhancing Technologies Workshop (PET'02). Springer, Berlin, 110--128. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Berthold, O., Pfitzmann, A., and Standtke, R. 2000. The disadvantages of free MIX routes and how to overcome them. In Proceedings of the Designing Privacy Enhancing Technologies: Workshop on Design Issues in Anonymity and Unobservability. Springer, Berlin, 30--45. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. Cai, J., You, H., Lu, B., Pooch, U., and Mi, L. 2005. Whisper: A lightweight anonymous communication mechanism in wireless ad-hoc networks. In Proceedings of Internation Conference on Wireless Networks (ICWN'05). 482--488.Google ScholarGoogle Scholar
  6. Cardoso, J.-F. 1998. Blind signal separation: Statistical principles. In Proceedings of the IEEE 86, 10, 2009--2025.Google ScholarGoogle ScholarCross RefCross Ref
  7. Cruces, S. and Cichocki, A. 2003. Combining blind source extraction with joint approximate diagonalization: Thin algorithms for ICA. In Proceedings of the 4th Symposium on Independent Component Analysis and Blind Signal Separation. Academic Press, Orlando, FL, 463--468.Google ScholarGoogle Scholar
  8. Cuellar, J. R., John B. Morris, J., Mulligan, D. K., Peterson, J., and Polk, J. M. 2004. RFC 3693: Geopriv requirements. http://www.ietf.org/rfc/rfc36-93.txt.Google ScholarGoogle Scholar
  9. Danezis, G. 2004. The traffic analysis of continuous-time mixes. In Proceedings of the Privacy Enhancing Technologies Workshop (PET'04). Springer, Berlin, 35--50. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. Danezis, G., Dingledine, R., and Mathewson, N. 2003. Maxminion: Design of a type iii anonymous remailer protocol. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE, Los Alamitos, CA, 2--15. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. Danezis, G. and Serjantov, A. 2004. Statistical disclosure or intersection attacks on anonymity systems. In Proceedings of the 6th Information Hiding Workshop (IH'04). Springer, Berlin, 293--308. Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. Diaz, C., Seys, S., Claessens, J., and Preneel, B. 2002. Towards measuring anonymity. In Proceedings of Privacy Enhancing Technologies Workshop (PET'02). Springer, Berlin, 54--68. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. Dingledine, R., Mathewson, N., and Syverson, P. 2004. Tor: The second-generation onion router. In Proceedings of the 13th USENIX Security Symposium. USENIX, Berkley, CA, 303--320. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. Dusi, M., Gringoli, F., and Salgarelli, L. 2008. A preliminary look at the privacy of tunnels. In Proceedings of 17th International Conference on Computer Communications and Networks (ICCN'08). IEEE, Los Alamitos, CA, 1--7.Google ScholarGoogle Scholar
  15. Elnahrawy, E., Li, X., and Martin, R. P. 2004. The limits of localization using signal strength: A comparative study. In Proceedings of the 1st IEEE Communications Society Conference on Sensor and ad Hoc Communications and Networks. IEEE, Los Alamitos, CA, 406--414.Google ScholarGoogle Scholar
  16. Goldschlag, D., Reed, M., and Syverson, P. 1999. Onion routing for anonymous and private internet connections. Comm. ACM 42, 2, 39--41. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. Gruteser, M. and Grunwald, D. 2003. Enhancing location privacy in wireless through disposable interface identifiers: A quantitative analysis. In Proceedings of the 1st ACM International Workshop on Wireless Mobile Applications and Services on WLAN Hotspots. ACM, New York, 46--55. Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. Gülcü, C. and Tsudik, G. 1996. Mixing e-mail with Babel. In Proceedings of the Network and Distributed Security Symposium (NDSS '96). IEEE, Los Alamitos, CA, 2--16. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. Guvenc, I., Chaouki T., Abdallah, R. J., and Dedeoglu, O. 2003. Enhancements to based indoor tracking systems using Kalman filters. In Proceedings of the GSPx and International Signal Processing Conference.Google ScholarGoogle Scholar
  20. He, Z., Yang, L., Liu, J., Lu, Z., He, C., and Shi, Y. 2000. Blind source separation using clustering-based multivariate density estimation algorithm. IEEE Trans. Signal Process. 48, 2, 575--579. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. Helsingius, J. 1996. Press release: Johan Helsingius closes his Internet remailer. http://www.penet.fi/press-english.html.Google ScholarGoogle Scholar
  22. Howard, J. D. 1998. An analysis of security incidents on the internet 1989--1995. Ph.D. thesis. Carnegie Mellon University, Pittsburgh, PA. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. Huang, P., Feldmann, A., and Willinger, W. 2001. A non-intrusive, wavelet-based approach to detecting network performance problems. In Proceedings of the Internet Measurement Workshop. ACM, New York, 213--227. Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. Hyvarinen, A. and Inki, M. 2002. Estimating over-complete independent component bases for image windows. J. Math. Imag. Vis. 17, 2, 139--152. Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. Hyvarinen, A. and Oja, E. 1997. A fast fixed-point algorithm for independent component analysis. Neural Comput. 9, 7, 1483--1492. Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. Jutten, C. and Herault, J. 1991. Blind separation of sources, part 1: An adaptive algorithm- based on neuromimetic architecture. Signal Process. 24, 1, 1--10. Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. Kesdogan, D., Egner, J., and Bueschkes, R. 1998. Stop-and-go MIXes: Providing probabilistic anonymity in an open system. In Proceedings of the Information Hiding Workshop (IH'98). Springer, Berlin, 83--98.Google ScholarGoogle Scholar
  28. Kong, J., Gerla, M., and Hong, X. 2003. A new set of passive routing attacks in mobile ad hoc networks. In Proceedings of the IEEE Military Communications Conference (MILCOM'03). IEEE, Los Alamitos, CA, 796--801. Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. Kong, J. and Hong, X. 2003. ANODR: Anonymous on demand routing with untraceable routes for mobile ad-hoc networks. In Proceedings of the 4th ACM International Symposium on Mobile Ad-Hoc Networking and Computing (MOBIHOC-03). ACM, New York, 291--302. Google ScholarGoogle ScholarDigital LibraryDigital Library
  30. Levine, B. N., Reiter, M. K., Wang, C., and Wright, M. K. 2004. Timing attacks in low-latency mix-based systems. In Proceedings of the 8th International Conference on Financial Cryptography (FC'04). Springer, Berlin, 251--265.Google ScholarGoogle Scholar
  31. Molgedey, L. and Schuster, H. G. 1994. Separation of a mixture of independent signals using time delayed correlations. Phys. Rev. Lett. 72, 23, 3634--3637.Google ScholarGoogle ScholarCross RefCross Ref
  32. Niculescu, D. and Nath, B. 2004. Vor base stations for indoor 802.11 positioning. In Proceedings of the 10th Annual International Conference on Mobile Computing and Networking. ACM, New York, 58--69. Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. Parekh, S. 1996. Prospects for remailers—where is anonymity heading on the internet. http://www._rstmonday.dk/issues/issue2/remailersGoogle ScholarGoogle Scholar
  34. Pham, D.-T., Garrat, P., and Jutten, C. 1992. Separation of a mixture of independent sources through a maximum likelihood approach. In Proceedings of the 6th European Signal Processing Conference (EUSIPCO'92). Elsevier, The Netherlands, 771--774.Google ScholarGoogle Scholar
  35. Porras, P., Saidi, H., and Yegneswaran, V. 2007. A multi-perspective analysis of the storm (peacomm) worm. Tech. rep., SRI International, Computer Science Laboratory, Menlo Park, CA. http://www.cyber-ta.org/pubs/StormWorm/.Google ScholarGoogle Scholar
  36. Raymond, J. 2001. Traffic analysis: Protocols, attacks, design issues and open problems. In Proceedings of the International Workshop on Design Issues in Anonymity and Unobservability. Springer-Verlag, Berlin, 10--29. Google ScholarGoogle ScholarDigital LibraryDigital Library
  37. Reiter, M. K. and Rubin, A. D. 1998. Crowds: Anonymity for Web transactions. ACM Trans. Inf. Syst. Secur. 1, 1, 66--92. Google ScholarGoogle ScholarDigital LibraryDigital Library
  38. Rennhard, M. and Plattner, B. 2002. Introducing morphmix: Peer-to-peer-based anonymous internet usage with collusion detection. In Proceedings of the ACM workshop on Privacy in the Electronic Society (WPES'02). ACM, New York, 91--102. Google ScholarGoogle ScholarDigital LibraryDigital Library
  39. Serjantov, A. and Danezis, G. 2002. Towards an information theoretic metric for anonymity. In Proceedings of the Privacy Enhancing Technologies Workshop (PET'02). Springer, Berlin, 41--53. Google ScholarGoogle ScholarDigital LibraryDigital Library
  40. Serjantov, A., Dingledine, R., and Syverson, P. 2002. From a trickle to a flood: Active attacks on several mix types. In Proceedings of the Information Hiding Workshop (IH'02). Springer, Berlin, 36--52. Google ScholarGoogle ScholarDigital LibraryDigital Library
  41. Sherwood, R., Bhattacharjee, B., and Srinivasan, A. 2002. p5: A protocol for scalable anonymous communication. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE, Los Alamitos, CA, 58--70. Google ScholarGoogle ScholarDigital LibraryDigital Library
  42. Tong, L., wen Liu, R., Soon, V. C., and Huang, Y.-F. 1991. Indeterminacy and identifiability of blind identification. IEEE Trans. Circuits Syst. 38, 5, 499--509.Google ScholarGoogle ScholarCross RefCross Ref
  43. von Rickenbach, P. and Wattenhofer, R. 2004. Gathering correlated data in sensor networks. In Proceedings of the Joint Workshop on Foundations of Mobile Computing. ACM, New York, 60--66. Google ScholarGoogle ScholarDigital LibraryDigital Library
  44. Zhang, Y., Liu, W., and Lou, W. 2005. Anonymous communications in mobile ad hoc networks. In Proceedings of the 24th Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM'05). IEEE, Los Alamitos, CA, 1940--1951.Google ScholarGoogle Scholar
  45. Zhu, B., Wan, Z., Kankanhalli, M. S., Bao, F., and Deng, R. H. 2004. Anonymous secure routing in mobile ad-hoc networks. In Proceedings of the 29th Annual IEEE International Conference on Local Computer Networks (LCN'04). Los Alamitos, CA, 102--108. Google ScholarGoogle ScholarDigital LibraryDigital Library
  46. Zhu, Y. and Bettati, R. 2007. Compromising confidentiality in wireless network using sensors with limited information. In Proceedings of the IEEE International Conference on Distributed Computing Systems (ICDCS'07). IEEE, Los Alamitos, CA. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Compromising anonymous communication systems using blind source separation

        Recommendations

        Comments

        Login options

        Check if you have access through your login credentials or your institution to get full access on this article.

        Sign in

        Full Access

        • Published in

          cover image ACM Transactions on Information and System Security
          ACM Transactions on Information and System Security  Volume 13, Issue 1
          October 2009
          289 pages
          ISSN:1094-9224
          EISSN:1557-7406
          DOI:10.1145/1609956
          Issue’s Table of Contents

          Copyright © 2009 ACM

          Publisher

          Association for Computing Machinery

          New York, NY, United States

          Publication History

          • Published: 6 November 2009
          • Accepted: 1 January 2009
          • Revised: 1 December 2008
          • Received: 1 July 2007
          Published in tissec Volume 13, Issue 1

          Permissions

          Request permissions about this article.

          Request Permissions

          Check for updates

          Qualifiers

          • research-article
          • Research
          • Refereed

        PDF Format

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader
        About Cookies On This Site

        We use cookies to ensure that we give you the best experience on our website.

        Learn more

        Got it!