Abstract
Low-latency anonymisation systems are very popular, both in academic research and in operational environments. Several attacks against these systems exist aiming to reveal the identity of a particular user, mostly by trying to assign the real IP address of the sender to a known connection. Nevertheless, the hidden identity of a user is not only based on the IP address, also location information can be of relevance. In this paper, we propose an alternative approach to instantly disclose the location of users based on Round Trip Time measurements. Even if the identity of a user can not be revealed, the correlated location information may already provide sufficient information to degrade the level of anonymity significantly. Our attack is based on virtual network coordinate systems, mapping physical nodes to a n-dimensional space to reveal a geographical proximity. Taking advantage of this feature, we define a model that leverages network coordinates based on only a single connection of a user to a malicious website for instance. Evaluation on the Planet-Lab research network proves that by the use of our proposed model a local attacker has good chance to disclose the location of a user and to utilise this information to create an low-latency anonymity system independent anonymity measure.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
JAP Anonymity and Privacy, http://anon.tu-dresden.de
JonDonym, http://anonymous-proxy-servers.net/
Proxy Server Usage, http://www.statowl.com/network_behind_proxy_server.php?1=1&timeframe=last_12&interval=month&chart_id=6&fltr_br=&fltr_os=&fltr_se=&fltr_cn=&chart_id=4
Aha, D.W., Kibler, D., Albert, M.K.: Instance-based learning algorithms. Mach. Learn. 6, 37–66 (1991)
Appelbaum, J., Dingledine, R.: How governments have tried to block tor. In: 28th Chaos Communication Congress (28C3) (December 2011), http://events.ccc.de/congress/2011/Fahrplan/events/4800.en.html
Back, A., Möller, U., Stiglic, A.: Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems. In: Moskowitz, I.S. (ed.) IH 2001. LNCS, vol. 2137, pp. 245–257. Springer, Heidelberg (2001)
Bauer, K., McCoy, D., Grunwald, D., Kohno, T., Sicker, D.: Low-resource routing attacks against Tor. In: Proceedings of the Workshop on Privacy in the Electronic Society (WPES 2007), Washington, DC, USA (October 2007)
Chakravarty, S., Stavrou, A., Keromytis, A.D.: Traffic Analysis against Low-Latency Anonymity Networks Using Available Bandwidth Estimation. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 249–267. Springer, Heidelberg (2010)
Chen, Y., Wang, X., Shi, C., Lua, E.K., Fu, X., Deng, B., Li, X.: Phoenix: A weight-based network coordinate system using matrix factorization. IEEE Transactions on Network and Service Management 8(4), 334–347 (2011)
Cover, T.M., Hart, P.E.: Nearest neighbor pattern classification. IEEE Transactions on Information Theory 13, 21–27 (1967)
Dabek, F., Cox, R., Kaashoek, F., Morris, R.: Vivaldi: A decentralized network coordinate system. In: SIGCOMM, pp. 15–26 (2004)
DÃaz, C., Seys, S., Claessens, J., Preneel, B.: Towards Measuring Anonymity. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 54–68. Springer, Heidelberg (2003)
Dingledine, R., Mathewson, N., Syverson, P.: Tor: the second-generation onion router. In: Proceedings of the 13th Conference on USENIX Security Symposium, vol. 13, p. 21. USENIX Association, Berkeley (2004)
PlanetLab Europe. PlanetLab Europe Website, http://www.planet-lab.eu
Hopper, N., Vasserman, E.Y., Chan-Tin, E.: How much anonymity does network latency leak? ACM Trans. Inf. Syst. Secur. 13, 13:1–13:28 (2010)
Levine, B.N., Reiter, M.K., Wang, C., Wright, M.: Timing Attacks in Low-Latency Mix Systems. In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 251–265. Springer, Heidelberg (2004)
Murdoch, S.J., Danezis, G.: Low-cost traffic analysis of tor. In: Proceedings of the 2005 IEEE Symposium on Security and Privacy, pp. 183–195. IEEE CS (2005)
Murdoch, S.J., Zieliński, P.: Sampled Traffic Analysis by Internet-Exchange-Level Adversaries. In: Borisov, N., Golle, P. (eds.) PET 2007. LNCS, vol. 4776, pp. 167–183. Springer, Heidelberg (2007)
Eugene Ng, T.S., Zhang, H.: Towards global network positioning. In: Proceedings of the First ACM SIGCOMM Workshop on Internet Measurement, pp. 25–29 (2001)
Reed, M.G., Syverson, P.F., Goldschlag, D.M.: Anonymous connections and onion routing. IEEE Journal on Selected Areas in Communications 16(4), 482–494 (1998)
Ries, T., Panchenko, A., State, R., Engel, T.: Comparison of low-latency anonymous communication systems - practical usage and performance. In: Proceedings of the Australasian International Security Conference, AISC 2011 (2011)
Zheng, H., Lua, E.K., Pias, M., Griffin, T.G.: Internet Routing Policies and Round-Trip-Times. In: Dovrolis, C. (ed.) PAM 2005. LNCS, vol. 3431, pp. 236–250. Springer, Heidelberg (2005)
Zhu, Y., Fu, X., Graham, B., Bettati, R., Zhao, W.: On Flow Correlation Attacks and Countermeasures in Mix Networks. In: Martin, D., Serjantov, A. (eds.) PET 2004. LNCS, vol. 3424, pp. 207–225. Springer, Heidelberg (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 IFIP International Federation for Information Processing
About this paper
Cite this paper
Ries, T., State, R., Engel, T. (2012). Instant Degradation of Anonymity in Low-Latency Anonymisation Systems. In: Sadre, R., Novotný, J., Čeleda, P., Waldburger, M., Stiller, B. (eds) Dependable Networks and Services. AIMS 2012. Lecture Notes in Computer Science, vol 7279. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30633-4_12
Download citation
DOI: https://doi.org/10.1007/978-3-642-30633-4_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-30632-7
Online ISBN: 978-3-642-30633-4
eBook Packages: Computer ScienceComputer Science (R0)