Towards practical attacker classification for risk analysis in anonymous communication

Authors:
Andriy Panchenko;Lexi Pimenidis
Affiliations:
Computer Science Department – Informatik IV, RWTH Aachen University, Aachen, Germany;Computer Science Department – Informatik IV, RWTH Aachen University, Aachen, Germany
Venue:
CMS'06 Proceedings of the 10th IFIP TC-6 TC-11 international conference on Communications and Multimedia Security
Year:
2006

Citing 14
Cited 2

The dining cryptographers problem: unconditional sender and recipient untraceability

Journal of Cryptology
An analysis of security incidents on the Internet 1989-1995

An analysis of security incidents on the Internet 1989-1995
Traffic analysis: protocols, attacks, design issues, and open problems

International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
Towards an analysis of onion routing security

International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
Web MIXes: a system for anonymous and unobservable Internet access

International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
The Sybil Attack

IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Real World Patterns of Failure in Anonymity Systems

IHW '01 Proceedings of the 4th International Workshop on Information Hiding
From a Trickle to a Flood: Active Attacks on Several Mix Types

IH '02 Revised Papers from the 5th International Workshop on Information Hiding
P5: A Protocol for Scalable Anonymous Communication

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Ant-routing-algorithm for mobile multi-hop ad-hoc networks

Network control and engineering for Qos, security and mobility II
Low-Cost Traffic Analysis of Tor

SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Tor: the second-generation onion router

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Fingerprinting websites using traffic analysis

PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
The hitting set attack on anonymity protocols

IH'04 Proceedings of the 6th international conference on Information Hiding

Website fingerprinting: attacking popular privacy enhancing technologies with the multinomial naïve-bayes classifier

Proceedings of the 2009 ACM workshop on Cloud computing security
Requirements for identity management from the perspective of multilateral interactions

Digital privacy

Quantified Score

Hi-index	0.00

Visualization

Abstract

There are a number of attacker models in the area of anonymous communication. Most of them are either very simplified or pretty abstract – therefore difficult to generalize or even identify in real networks. While some papers distinct different attacker types, the usual approach is to present an anonymization technique and then to develop an attacker model for it in order to identify properties of the technique. Often such a model is abstract, unsystematic and it is not trivial to identify the exact threats for the end-user of the implemented system. This work follows another approach: we propose a classification of attacker types for the risk analysis and attacker modelling in anonymous communication independently of the concrete technique. The classes are designed in the way, that their meaning can be easily communicated to the end-users and management level. We claim that the use of this classification can lead to a more solid understanding of security provided by anonymizing networks, and therewith improve their development. Finally, we will classify some well known techniques and security issues according to the proposal and thus show the practical relevance and applicability of the proposed classification.