2010 | OriginalPaper | Buchkapitel
Traffic Analysis against Low-Latency Anonymity Networks Using Available Bandwidth Estimation
verfasst von : Sambuddho Chakravarty, Angelos Stavrou, Angelos D. Keromytis
Erschienen in: Computer Security – ESORICS 2010
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
We introduce a novel remotely-mounted attack that can expose the network identity of an anonymous client, hidden service, and anonymizing proxies. To achieve this, we employ
single-end controlled
available bandwidth estimation tools and a colluding network entity that can modulate the traffic destined for the victim. To expose the circuit including the source, we inject a number of short or one large burst of traffic. Although timing attacks have been successful against anonymity networks, they require either a
Global Adversary
or the compromise of substantial number of anonymity nodes. Our technique does not require compromise of, or collaboration with,
any
such entity.
To validate our attack, we performed a series of experiments using different network conditions and locations for the adversaries on both controlled and real-world
Tor
circuits. Our results demonstrate that our attack is successful in controlled environments. In real-world scenarios, even an under-provisioned adversary with only a few network vantage points can, under certain conditions, successfully identify the IP address of both Tor users and
Hidden Servers
. However, Tor’s inherent circuit scheduling results in limited quality of service for its users. This at times leads to increased false negatives and it can degrade the performance of our circuit detection. We believe that as high speed anonymity networks become readily available, a well-provisioned adversary, with a partial or inferred network “map”, will be able to partially or fully expose anonymous users.