Instant degradation of anonymity in low-latency anonymisation systems

Authors:
Thorsten Ries;Radu State;Thomas Engel
Affiliations:
Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, Luxembourg;Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, Luxembourg;Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, Luxembourg
Venue:
AIMS'12 Proceedings of the 6th IFIP WG 6.6 international autonomous infrastructure, management, and security conference on Dependable Networks and Services
Year:
2012

Citing 16
Cited 0

Instance-Based Learning Algorithms

Machine Learning
Towards global network positioning

IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems

IHW '01 Proceedings of the 4th International Workshop on Information Hiding
Vivaldi: a decentralized network coordinate system

Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Low-Cost Traffic Analysis of Tor

SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Tor: the second-generation onion router

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Low-resource routing attacks against tor

Proceedings of the 2007 ACM workshop on Privacy in electronic society
How much anonymity does network latency leak?

ACM Transactions on Information and System Security (TISSEC)
Towards measuring anonymity

PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Sampled traffic analysis by internet-exchange-level adversaries

PET'07 Proceedings of the 7th international conference on Privacy enhancing technologies
Traffic analysis against low-latency anonymity networks using available bandwidth estimation

ESORICS'10 Proceedings of the 15th European conference on Research in computer security
On flow correlation attacks and countermeasures in mix networks

PET'04 Proceedings of the 4th international conference on Privacy Enhancing Technologies
Internet routing policies and round-trip-times

PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
Nearest neighbor pattern classification

IEEE Transactions on Information Theory
Anonymous connections and onion routing

IEEE Journal on Selected Areas in Communications
Comparison of low-latency anonymous communication systems: practical usage and performance

AISC '11 Proceedings of the Ninth Australasian Information Security Conference - Volume 116

Quantified Score

Hi-index	0.00

Visualization

Abstract

Low-latency anonymisation systems are very popular, both in academic research and in operational environments. Several attacks against these systems exist aiming to reveal the identity of a particular user, mostly by trying to assign the real IP address of the sender to a known connection. Nevertheless, the hidden identity of a user is not only based on the IP address, also location information can be of relevance. In this paper, we propose an alternative approach to instantly disclose the location of users based on Round Trip Time measurements. Even if the identity of a user can not be revealed, the correlated location information may already provide sufficient information to degrade the level of anonymity significantly. Our attack is based on virtual network coordinate systems, mapping physical nodes to a n-dimensional space to reveal a geographical proximity. Taking advantage of this feature, we define a model that leverages network coordinates based on only a single connection of a user to a malicious website for instance. Evaluation on the Planet-Lab research network proves that by the use of our proposed model a local attacker has good chance to disclose the location of a user and to utilise this information to create an low-latency anonymity system independent anonymity measure.