Toward Prevention of Traffic Analysis Fengfeng Tu 11/26/01.

Slides:



Advertisements
Similar presentations
Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.
Advertisements

Source-Location Privacy Protection in Wireless Sensor Network Presented by: Yufei Xu Xin Wu Da Teng.
Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL
Dynamic Anonymity Emin İslam Tatlı, Dirk Stegemann, Stefan Lucks University of Mannheim, Germany.
Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,
Xinwen Fu Anonymous Communication & Computer Forensics Computer & Network Forensics.
Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.
Design of Efficient and Secure Multiple Wireless Mesh Network Speaker: Hsien-Pang Tsai Teacher: Kai-Wei Ke Date: 2005/06/28.
Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.
1 Chapter 13: Representing Identity What is identity Different contexts, environments Pseudonymity and anonymity.
A Transmission Control Scheme for Media Access in Sensor Networks Alec Woo, David Culler (University of California, Berkeley) Special thanks to Wei Ye.
A distributed Search Service for Peer-to-Peer File Sharing in Mobile Applications From U. of Dortmund, Germany.
Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.
0x1A Great Papers in Computer Security Vitaly Shmatikov CS 380S
Towards an Analysis of Onion Routing Security Syverson, Tsudik, Reed, and Landwehr PET 2000 Presented by: Adam Lee 1/26/2006 Syverson, Tsudik, Reed, and.
Preventing Active Timing Attacks in Low- Latency Anonymous Communication The 10 th Privacy Enhancing Technologies Symposium July 2010 Joan Feigenbaum Yale.
On the Anonymity of Anonymity Systems Andrei Serjantov (anonymous)
A Tale of Research: From Crowds to Deeper Understandings Matthew Wright Jan. 25, : Adv. Network Security.
Trusted Computing, Peer-To-Peer Distribution, and the Economics of Pirated Entertainment Peter Scott Based on paper by S. E. Schechter, R. A. Greenstadt,
Traffic Analysis Prevention Chris Conger CIS6935 – Cryptographic Protocols 11/16/2004.
CSCI 5234 Web Security1 Privacy & Anonymity in the WWW Ch. 12, Oppliger.
1 / 18 Fariba alamshahi Secure Routing and Intrusion Detection in Ad Hoc Networks Supervisor: Mr.zaker Translator: fariba alamshahi.
Cryptography and Network Security (CS435)
Provable Unlinkability Against Traffic Analysis Amnon Ta-Shma Joint work with Ron Berman and Amos Fiat School of Computer Science, Tel-Aviv University.
Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms David Chaum CACM Vol. 24 No. 2 February 1981 Presented by: Adam Lee 1/24/2006 David.
An efficient secure distributed anonymous routing protocol for mobile and wireless ad hoc networks Authors: A. Boukerche, K. El-Khatib, L. Xu, L. Korba.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Improving QoS Support in Mobile Ad Hoc Networks Agenda Motivations Proposed Framework Packet-level FEC Multipath Routing Simulation Results Conclusions.
Public Key Encryption and the RSA Public Key Algorithm CSCI 5857: Encoding and Encryption.
Anonymity on the Internet Presented by Randy Unger.
Anonymous Communication -- a brief survey
Mobile Traffic Sensor Network versus Motion-MIX: Tracing and Protecting Mobile Wireless Nodes JieJun Kong Dapeng Wu Xiaoyan Hong and Mario Gerla.
Crowds: Anonymity for Web Transactions Michael K. Reiter Aviel D. Rubin Jan 31, 2006Presented by – Munawar Hafiz.
Network Security Lecture 20 Presented by: Dr. Munam Ali Shah.
R. Newman Anonymity - Background. Defining anonymity Defining anonymity Need for anonymity Need for anonymity Defining privacy Defining privacy Threats.
Class 8 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman
V0.0CPSC415 Biometrics and Cryptography1 Placement of Encryption Function Lecture 3.
Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.
Lecture 6 Page 1 Advanced Network Security Review of Networking Basics Advanced Network Security Peter Reiher August, 2014.
Chapter 7 – Confidentiality Using Symmetric Encryption.
Chapter 7 Confidentiality Using Symmetric Encryption.
Ahmed Osama Research Assistant. Presentation Outline Winc- Nile University- Privacy Preserving Over Network Coding 2  Introduction  Network coding 
Computer Science 1 TinySeRSync: Secure and Resilient Time Synchronization in Wireless Sensor Networks Speaker: Sangwon Hyun Acknowledgement: Slides were.
Anonymity - Background R. Newman. Topics Defining anonymity Need for anonymity Defining privacy Threats to anonymity and privacy Mechanisms to provide.
Fall 2006CS 395: Computer Security1 Confidentiality Using Symmetric Encryption.
Security Issues in Distributed Sensor Networks Yi Sun Department of Computer Science and Electrical Engineering University of Maryland, Baltimore County.
Anonymous Health Information Exchange (HIE) Transfer with Credibility Check against Fraud through Chaum Mixes and Crowds. By: Aaron Silcott.
Onion Routing R. Newman. Topics Defining anonymity Need for anonymity Defining privacy Threats to anonymity and privacy Mechanisms to provide anonymity.
Yanfei Fan, Yixin Jiang, Haojin Zhu, Xuemin Shen, Jiming Chen.
Mix networks with restricted routes PET 2003 Mix Networks with Restricted Routes George Danezis University of Cambridge Computer Laboratory Privacy Enhancing.
Effectiveness of Blending Attacks on Mixes Meng Tang.
Modified Onion Routing GYANRANJAN HAZARIKA AND KARAN MIRANI.
A Comparison of RaDiO and CoDiO over IEEE WLANs May 25 th Jeonghun Noh Deepesh Jain A Comparison of RaDiO and CoDiO over IEEE WLANs.
Making the Neutral Traffic Matrix More Meaningful Joseph Choi.
1 Anonymity. 2 Overview  What is anonymity?  Why should anyone care about anonymity?  Relationship with security and in particular identification 
Anonymous Communication
Digital Forensics 2 Presented by : J.Silaa Lecture: FCI 30 Aug 2017
The quieter you become, the more you are able to hear By: Ben Knapic
Towards Measuring Anonymity
An Introduction to Privacy and Anonymous Communication
0x1A Great Papers in Computer Security
Cost to defeat the N-1 Attack
Anonymous Communication
Amar B. Patel , Shushan Zhao
Outline Using cryptography in networks IPSec SSL and TLS.
Outline Network characteristics that affect security
Anonymous Communication
Anonymity – Generalizing Mixes
Presentation transcript:

Toward Prevention of Traffic Analysis Fengfeng Tu 11/26/01

Discussion Outline What is traffic analysis? What is traffic analysis? What are traffic analysis attacks? What are traffic analysis attacks? How to prevent traffic analysis attacks? How to prevent traffic analysis attacks? Problems Problems Conclusion Conclusion

Traffic Analysis Monitor the network traffic Monitor the network traffic  e.g. log files, webpage hits, etc. e_stats.html e_stats.html e_stats.html e_stats.html Gain useful information from statistical analysis Gain useful information from statistical analysis  Who communicates with whom, when, how long, where?  Who is interested in what contents?

Traffic Analysis Attacks An adversary is doing traffic analysis An adversary is doing traffic analysis  e.g., earlier versions of SSH protocol Communication Pattern Communication Pattern  Sender-recipient matchings  Traffic volume, traffic shape  Duration Examples of sensitive info Examples of sensitive info  Possible corporate takeover  Importance of communicating parties

Anti-Traffic Analysis Anonymizer Anonymizer AT&T Crowds AT&T Crowds Onion Routing Onion Routing  Pentagon hides behind onion wraps Freedom Freedom Most are Chaum Mix-like Most are Chaum Mix-like

Chaum Mixes David Chaum. “Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms”, Communication of the ACM, David Chaum. “Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms”, Communication of the ACM, Mix nodes are intermediate processors that a message goes through. Mix nodes are intermediate processors that a message goes through. Purpose - hide the correspondences between the incoming and outgoing messages. Purpose - hide the correspondences between the incoming and outgoing messages.

How it works? The message will be sent through a series of mix nodes: 1, 2, …,d-1, d. The user encrypts the message with node d’s private key, then encrypts the result with (d-1)’s private key and so on. The message will be sent through a series of mix nodes: 1, 2, …,d-1, d. The user encrypts the message with node d’s private key, then encrypts the result with (d-1)’s private key and so on. MIX 1MIX 2 K 2 (R 2, K Y (R 0, M), A Y ), A 2 X K 1 (R 1, K 2 (R 2, K Y (R 0, M), A Y ), A 2 ), A 1 K Y (R 0, M), A Y Y

How it works? (Cont’) The mix nodes receive a certain number of these messages which they decrypt, randomly reorder and send to the next node The mix nodes receive a certain number of these messages which they decrypt, randomly reorder and send to the next node The order of outgoing messages changed, so it is nearly impossible to correlate a message that comes in with a message that goes out. The order of outgoing messages changed, so it is nearly impossible to correlate a message that comes in with a message that goes out.

A Mix Node

How it works? (Cont’) Link-to-link encryption is not sufficient. Link-to-link encryption is not sufficient.  Mix nodes are not trusted (insider attacks). Why do we need random numbers? Why do we need random numbers? MIX 1 X Y K 1 (K Y (M), A Y ), A 1 K Y (M), A Y Encrypt it with K 1 => K 1 (K Y (M), A Y ) = ?

Characteristics Sender/Recipient Anonymity - each mix node only knows the previous and next node in a received message’s route. Sender/Recipient Anonymity - each mix node only knows the previous and next node in a received message’s route. Constant message length Constant message length  Large message are chopped into short ones with a specific constant length  Padding if the message is too small Each message is processed by a Mix only once Each message is processed by a Mix only once

A Simple Example

Problems? Brute Force Attacks Brute Force Attacks Duration of a communication can be observed. Duration of a communication can be observed. An extreme case: An extreme case:

Dummy Traffic All users send messages at all times All users send messages at all times  All users start and end their communication at the same time  Long communication is chopped into slices If a user has nothing to send, it sends random numbers indistinguishable from real (encrypted) messages. If a user has nothing to send, it sends random numbers indistinguishable from real (encrypted) messages. Reduce delay Reduce delay

Problems Imposing rigid structure on user communications Imposing rigid structure on user communications Dummy messages waste resources Dummy messages waste resources Delays at the Mixes. Delays at the Mixes. Cost of nested encryption Cost of nested encryption

Routing Issues Rerouting or Multi-path routing to improve network utilization Rerouting or Multi-path routing to improve network utilization  Reduce the dummy traffic volume 5Mbps Dummy traffic 2.5Mbps All are real traffic

Rerouting Host-based rerouting Host-based rerouting i. Compute the shortest path for each flow ii. Select a flow randomly or according to a sequence defined in advance. iii. Remove the traffic requirement for that flow iv. Reroute flow to reduce an objective function value, with routing paths for all other flows fixed v. Go to step (ii) until all flows have been examined at least once, but no further improvements are possible

Problems Solving a system of linear inequalities Solving a system of linear inequalities  Linear programming The computation is centralized to avoid local hot spot problem The computation is centralized to avoid local hot spot problem  Too expensive: consider all flows  Vulnerable to single-point failure

Conclusion Anonymity and Unobservability are hard to achieve in Internet Anonymity and Unobservability are hard to achieve in Internet The situation is worse in wireless (ad hoc) networks The situation is worse in wireless (ad hoc) networks  The media is open  Link transmission interference  Multi-path routing needed  Distributed algorithm

Literature Research David Chaum. Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. Communication of the ACM, David Chaum. Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. Communication of the ACM, J. Raymond. Traffic Analysis: Protocols, Attacks, Design Issues, and Open Problems. J. Raymond. Traffic Analysis: Protocols, Attacks, Design Issues, and Open Problems. O. Berthold, et al. Project “Anonymity and Unobservability in the Internet”. CFP O. Berthold, et al. Project “Anonymity and Unobservability in the Internet”. CFP M. Reed, et al. Anonymous Connections and Onion Routing. IEEE Journal on Special Areas in Communications, May 1998 M. Reed, et al. Anonymous Connections and Onion Routing. IEEE Journal on Special Areas in Communications, May 1998 R. Newman, et al. High Level Prevention of Traffic Analysis. 7 th Annual Computer Security and Applications Conference, Dec R. Newman, et al. High Level Prevention of Traffic Analysis. 7 th Annual Computer Security and Applications Conference, Dec S. Jiang, et al. Routing in Packet Radio Networks to Prevent Traffic Analysis. Proc. of IEEE Information Assurance and Security Workshop, West Point, NY, June S. Jiang, et al. Routing in Packet Radio Networks to Prevent Traffic Analysis. Proc. of IEEE Information Assurance and Security Workshop, West Point, NY, June

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.