
Studying Timing Analysis on the Internet with SubRosa

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 5134)

Abstract

Timing analysis poses a significant threat to anonymity systems that wish to support low-latency applications like Web browsing, instant messaging, and Voice over IP (VoIP). Research into timing analysis so far has been done through simulations or unrealistic local area networks. We developed SubRosa, an experimental platform for studying timing analysis attacks and defenses in low-latency anonymity systems. We present results of experiments on PlanetLab, a globally distributed network testbed. Our experiments validate the major conclusions, but not the detailed results, obtained by prior simulation studies. We also propose a new lightweight defense based on the principles of mix design called γ-buffering and show the limitations of this approach. Finally, motivated by our experimental results, we introduce spike analysis, a new timing analysis technique that takes advantage of unusual delays in a stream to substantially reduce errors over prior techniques.

Editor information

Nikita Borisov, Ian Goldberg

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Daginawala, H., Wright, M. (2008). Studying Timing Analysis on the Internet with SubRosa. In: Borisov, N., Goldberg, I. (eds) Privacy Enhancing Technologies. PETS 2008. Lecture Notes in Computer Science, vol 5134. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-70630-4_9

  • DOI: https://doi.org/10.1007/978-3-540-70630-4_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-70629-8

  • Online ISBN: 978-3-540-70630-4

  • eBook Packages: Computer Science, Computer Science (R0)
