Crowds: anonymity for Web transactions
ACM Transactions on Information and System Security (TISSEC)
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
King: estimating latency between arbitrary internet end hosts
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Introducing MorphMix: peer-to-peer based anonymous Internet usage with collusion detection
Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society
Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems
IHW '01 Proceedings of the 4th International Workshop on Information Hiding
Mixminion: Design of a Type III Anonymous Remailer Protocol
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Defending Anonymous Communications Against Passive Logging Attacks
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
PlanetLab: an overlay testbed for broad-coverage services
ACM SIGCOMM Computer Communication Review
PIC: Practical Internet Coordinates for Distance Estimation
ICDCS '04 Proceedings of the 24th International Conference on Distributed Computing Systems (ICDCS'04)
Vivaldi: a decentralized network coordinate system
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Low-Cost Traffic Analysis of Tor
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
An introduction to ROC analysis
Pattern Recognition Letters - Special issue: ROC analysis in pattern recognition
Hot or not: revealing hidden services by their clock skew
Proceedings of the 13th ACM conference on Computer and communications security
Constraint-based geolocation of internet hosts
IEEE/ACM Transactions on Networking (TON)
A network positioning system for the internet
ATEC '04 Proceedings of the annual conference on USENIX Annual Technical Conference
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Scriptroute: a public internet measurement facility
USITS'03 Proceedings of the 4th conference on USENIX Symposium on Internet Technologies and Systems - Volume 4
Geolocalization on the internet through constraint satisfaction
WORLDS'06 Proceedings of the 3rd conference on USENIX Workshop on Real, Large Distributed Systems - Volume 3
How much anonymity does network latency leak?
Proceedings of the 14th ACM conference on Computer and communications security
Fingerprinting websites using traffic analysis
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Network coordinates in the wild
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
Practical traffic analysis: extending and resisting statistical disclosure
PET'04 Proceedings of the 4th international conference on Privacy Enhancing Technologies
Preventing active timing attacks in low-latency anonymous communication
PETS'10 Proceedings of the 10th international conference on Privacy enhancing technologies
CONCUR'10 Proceedings of the 21st international conference on Concurrency theory
PETS'11 Proceedings of the 11th international conference on Privacy enhancing technologies
Trust-based anonymous communication: adversary models and routing algorithms
Proceedings of the 18th ACM conference on Computer and communications security
Stealthy traffic analysis of low-latency anonymous communication using throughput fingerprinting
Proceedings of the 18th ACM conference on Computer and communications security
Minimising anonymity loss in anonymity networks under DoS attacks
ICICS'11 Proceedings of the 13th international conference on Information and communications security
Poster: shaping network topology for privacy and performance
Proceedings of the 18th ACM conference on Computer and communications security
Malice versus AN.ON: possible risks of missing replay and integrity protection
FC'11 Proceedings of the 15th international conference on Financial Cryptography and Data Security
A game-theoretic analysis of cooperation in anonymity networks
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Review: A survey on solutions and main free tools for privacy enhancing Web communications
Journal of Network and Computer Applications
Website detection using remote traffic analysis
PETS'12 Proceedings of the 12th international conference on Privacy Enhancing Technologies
Throttling Tor bandwidth parasites
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Instant degradation of anonymity in low-latency anonymisation systems
AIMS'12 Proceedings of the 6th IFIP WG 6.6 international autonomous infrastructure, management, and security conference on Dependable Networks and Services
Probabilistic analysis of onion routing in a black-box model
ACM Transactions on Information and System Security (TISSEC)
Users get routed: traffic correlation on tor by realistic adversaries
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Hi-index | 0.00 |
Low-latency anonymity systems such as Tor, AN.ON, Crowds, and Anonymizer.com aim to provide anonymous connections that are both untraceable by “local” adversaries who control only a few machines and have low enough delay to support anonymous use of network services like Web browsing and remote login. One consequence of these goals is that these services leak some information about the network latency between the sender and one or more nodes in the system. We present two attacks on low-latency anonymity schemes using this information. The first attack allows a pair of colluding Web sites to predict, based on local timing information and with no additional resources, whether two connections from the same Tor exit node are using the same circuit with high confidence. The second attack requires more resources but allows a malicious Web site to gain several bits of information about a client each time he visits the site. We evaluate both attacks against two low-latency anonymity protocols—the Tor network and the MultiProxy proxy aggregator service—and conclude that both are highly vulnerable to these attacks.