Abstract
We propose a class of anonymity attacks on both wired and wireless anonymity networks. These attacks are based on the blind source separation algorithms widely used in statistical signal processing to recover individual signals from mixtures of signals. Since the philosophy behind the design of current anonymity networks is to mix traffic or to hide in crowds, the proposed anonymity attacks are very effective.
The flow separation attack proposed for wired anonymity networks can separate the traffic in a mix network. Our experiments show that this attack is effective and scalable. By combining the flow separation method with frequency spectrum matching, a passive attacker can derive the traffic map of the mix network. We use a nontrivial network to show that the combined attack works.
The proposed anonymity attacks for wireless networks can identify nodes in fully anonymized wireless networks using collections of very simple sensors. Based on a time series of counts of anonymous packets provided by the sensors, we estimate the number of nodes using principal component analysis. We then proceed to separate the collected packet data into traffic flows that, with the help of the spatial diversity of the available sensors, can be used to estimate the location of the wireless nodes. Our simulation experiments indicate that the estimators show high accuracy and high confidence for anonymized TCP traffic. Additional experiments indicate that the estimators perform very well in anonymous wireless networks that use traffic padding.
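An added illustration (not code from the paper) of the node-count step described above: principal component analysis on a matrix of per-sensor packet counts, where the number of dominant eigenvalues tracks the number of independent transmitters. The gain matrix, traffic model, noise level and 99% explained-variance cutoff are assumptions constructed for this example, which is useful for gauging how much a set of aggregate counters reveals.

```python
import random

# Constructed sensing model (an assumption, not taken from the paper):
# GAIN[i][j] = fraction of node j's packets that sensor i overhears.
GAIN = [[0.9, 0.1, 0.1], [0.8, 0.3, 0.1], [0.1, 0.9, 0.2],
        [0.2, 0.8, 0.1], [0.1, 0.1, 0.9], [0.1, 0.3, 0.8]]

def simulate_counts(slots=400, seed=7):
    """Constructed sample input: per-slot packet counts seen at each sensor."""
    rng = random.Random(seed)
    rows = []
    for _ in range(slots):
        sent = [rng.randint(1, 20) if rng.random() < 0.5 else 0 for _ in GAIN[0]]
        rows.append([sum(g * s for g, s in zip(gains, sent)) + rng.gauss(0, 0.5)
                     for gains in GAIN])
    return rows

def covariance(rows):
    """Sample covariance between sensors; rows[t][i] is sensor i in slot t."""
    n, m = len(rows), len(rows[0])
    mean = [sum(r[i] for r in rows) / n for i in range(m)]
    return [[sum((r[i] - mean[i]) * (r[j] - mean[j]) for r in rows) / (n - 1)
             for j in range(m)] for i in range(m)]

def top_eigenvalue(c, iters=300):
    """Largest eigenvalue and unit eigenvector of symmetric c (power iteration)."""
    m = len(c)
    v = [float(i + 1) for i in range(m)]  # asymmetric start vector
    for _ in range(iters):
        w = [sum(c[i][j] * v[j] for j in range(m)) for i in range(m)]
        norm = sum(x * x for x in w) ** 0.5
        if norm < 1e-12:
            return 0.0, v
        v = [x / norm for x in w]
    lam = sum(v[i] * c[i][j] * v[j] for i in range(m) for j in range(m))
    return lam, v

def estimate_node_count(rows, explained=0.99):
    """Principal components needed to explain `explained` of total variance."""
    c = covariance(rows)
    total = sum(c[i][i] for i in range(len(c)))
    captured, k = 0.0, 0
    while captured < explained * total and k < len(c):
        lam, v = top_eigenvalue(c)
        captured, k = captured + lam, k + 1
        # Deflate: remove the component just found before looking for the next.
        c = [[c[i][j] - lam * v[i] * v[j] for j in range(len(c))]
             for i in range(len(c))]
    return k
```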
Compromising anonymous communication systems using blind source separation