Presentation is loading. Please wait.

Presentation is loading. Please wait.

Toward Prevention of Traffic Analysis Fengfeng Tu 11/26/01.

Published byJade White Modified over 9 years ago

Similar presentations

Presentation on theme: "Toward Prevention of Traffic Analysis Fengfeng Tu 11/26/01."— Presentation transcript:

1 Toward Prevention of Traffic Analysis Fengfeng Tu 11/26/01

2 Discussion Outline What is traffic analysis? What is traffic analysis? What are traffic analysis attacks? What are traffic analysis attacks? How to prevent traffic analysis attacks? How to prevent traffic analysis attacks? Problems Problems Conclusion Conclusion

3 Traffic Analysis Monitor the network traffic Monitor the network traffic  e.g. log files, webpage hits, etc. http://www.openwebscope.com/samples/math_yal e_stats.html http://www.openwebscope.com/samples/math_yal e_stats.html http://www.openwebscope.com/samples/math_yal e_stats.html http://www.openwebscope.com/samples/math_yal e_stats.html Gain useful information from statistical analysis Gain useful information from statistical analysis  Who communicates with whom, when, how long, where?  Who is interested in what contents?

4 Traffic Analysis Attacks An adversary is doing traffic analysis An adversary is doing traffic analysis  e.g., earlier versions of SSH protocol Communication Pattern Communication Pattern  Sender-recipient matchings  Traffic volume, traffic shape  Duration Examples of sensitive info Examples of sensitive info  Possible corporate takeover  Importance of communicating parties

5 Anti-Traffic Analysis Anonymizer Anonymizer AT&T Crowds AT&T Crowds Onion Routing Onion Routing  Pentagon hides behind onion wraps Freedom Freedom Most are Chaum Mix-like Most are Chaum Mix-like

6 Chaum Mixes David Chaum. “Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms”, Communication of the ACM, 1981. David Chaum. “Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms”, Communication of the ACM, 1981. Mix nodes are intermediate processors that a message goes through. Mix nodes are intermediate processors that a message goes through. Purpose - hide the correspondences between the incoming and outgoing messages. Purpose - hide the correspondences between the incoming and outgoing messages.

7 How it works? The message will be sent through a series of mix nodes: 1, 2, …,d-1, d. The user encrypts the message with node d’s private key, then encrypts the result with (d-1)’s private key and so on. The message will be sent through a series of mix nodes: 1, 2, …,d-1, d. The user encrypts the message with node d’s private key, then encrypts the result with (d-1)’s private key and so on. MIX 1MIX 2 K 2 (R 2, K Y (R 0, M), A Y ), A 2 X K 1 (R 1, K 2 (R 2, K Y (R 0, M), A Y ), A 2 ), A 1 K Y (R 0, M), A Y Y

8 How it works? (Cont’) The mix nodes receive a certain number of these messages which they decrypt, randomly reorder and send to the next node The mix nodes receive a certain number of these messages which they decrypt, randomly reorder and send to the next node The order of outgoing messages changed, so it is nearly impossible to correlate a message that comes in with a message that goes out. The order of outgoing messages changed, so it is nearly impossible to correlate a message that comes in with a message that goes out.

9 A Mix Node

10 How it works? (Cont’) Link-to-link encryption is not sufficient. Link-to-link encryption is not sufficient.  Mix nodes are not trusted (insider attacks). Why do we need random numbers? Why do we need random numbers? MIX 1 X Y K 1 (K Y (M), A Y ), A 1 K Y (M), A Y Encrypt it with K 1 => K 1 (K Y (M), A Y ) = ?

11 Characteristics Sender/Recipient Anonymity - each mix node only knows the previous and next node in a received message’s route. Sender/Recipient Anonymity - each mix node only knows the previous and next node in a received message’s route. Constant message length Constant message length  Large message are chopped into short ones with a specific constant length  Padding if the message is too small Each message is processed by a Mix only once Each message is processed by a Mix only once

12 A Simple Example

13 Problems? Brute Force Attacks Brute Force Attacks Duration of a communication can be observed. Duration of a communication can be observed. An extreme case: An extreme case:

14 Dummy Traffic All users send messages at all times All users send messages at all times  All users start and end their communication at the same time  Long communication is chopped into slices If a user has nothing to send, it sends random numbers indistinguishable from real (encrypted) messages. If a user has nothing to send, it sends random numbers indistinguishable from real (encrypted) messages. Reduce delay Reduce delay

15 Problems Imposing rigid structure on user communications Imposing rigid structure on user communications Dummy messages waste resources Dummy messages waste resources Delays at the Mixes. Delays at the Mixes. Cost of nested encryption Cost of nested encryption

16 Routing Issues Rerouting or Multi-path routing to improve network utilization Rerouting or Multi-path routing to improve network utilization  Reduce the dummy traffic volume 5Mbps Dummy traffic 2.5Mbps All are real traffic

17 Rerouting Host-based rerouting Host-based rerouting i. Compute the shortest path for each flow ii. Select a flow randomly or according to a sequence defined in advance. iii. Remove the traffic requirement for that flow iv. Reroute flow to reduce an objective function value, with routing paths for all other flows fixed v. Go to step (ii) until all flows have been examined at least once, but no further improvements are possible

18

19 Problems Solving a system of linear inequalities Solving a system of linear inequalities  Linear programming The computation is centralized to avoid local hot spot problem The computation is centralized to avoid local hot spot problem  Too expensive: consider all flows  Vulnerable to single-point failure

20 Conclusion Anonymity and Unobservability are hard to achieve in Internet Anonymity and Unobservability are hard to achieve in Internet The situation is worse in wireless (ad hoc) networks The situation is worse in wireless (ad hoc) networks  The media is open  Link transmission interference  Multi-path routing needed  Distributed algorithm

21 Literature Research David Chaum. Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. Communication of the ACM, 1981. David Chaum. Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. Communication of the ACM, 1981. J. Raymond. Traffic Analysis: Protocols, Attacks, Design Issues, and Open Problems. J. Raymond. Traffic Analysis: Protocols, Attacks, Design Issues, and Open Problems. O. Berthold, et al. Project “Anonymity and Unobservability in the Internet”. CFP 2000. O. Berthold, et al. Project “Anonymity and Unobservability in the Internet”. CFP 2000. M. Reed, et al. Anonymous Connections and Onion Routing. IEEE Journal on Special Areas in Communications, May 1998 M. Reed, et al. Anonymous Connections and Onion Routing. IEEE Journal on Special Areas in Communications, May 1998 R. Newman, et al. High Level Prevention of Traffic Analysis. 7 th Annual Computer Security and Applications Conference, Dec. 1991. R. Newman, et al. High Level Prevention of Traffic Analysis. 7 th Annual Computer Security and Applications Conference, Dec. 1991. S. Jiang, et al. Routing in Packet Radio Networks to Prevent Traffic Analysis. Proc. of IEEE Information Assurance and Security Workshop, West Point, NY, June 2000. S. Jiang, et al. Routing in Packet Radio Networks to Prevent Traffic Analysis. Proc. of IEEE Information Assurance and Security Workshop, West Point, NY, June 2000. http://netcamo.cs.tamu.edu/ http://netcamo.cs.tamu.edu/ http://netcamo.cs.tamu.edu/

Download ppt "Toward Prevention of Traffic Analysis Fengfeng Tu 11/26/01."

Similar presentations

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.
Source-Location Privacy Protection in Wireless Sensor Network Presented by: Yufei Xu Xin Wu Da Teng.

Source-Location Privacy Protection in Wireless Sensor Network Presented by: Yufei Xu Xin Wu Da Teng.
Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL 6788 11.

Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL
Dynamic Anonymity Emin İslam Tatlı, Dirk Stegemann, Stefan Lucks University of Mannheim, Germany.

Dynamic Anonymity Emin İslam Tatlı, Dirk Stegemann, Stefan Lucks University of Mannheim, Germany.
Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,

Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,
Xinwen Fu Anonymous Communication & Computer Forensics 91.580.203 Computer & Network Forensics.

Xinwen Fu Anonymous Communication & Computer Forensics Computer & Network Forensics.
Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.

Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.
Design of Efficient and Secure Multiple Wireless Mesh Network Speaker: Hsien-Pang Tsai Teacher: Kai-Wei Ke Date: 2005/06/28.

Design of Efficient and Secure Multiple Wireless Mesh Network Speaker: Hsien-Pang Tsai Teacher: Kai-Wei Ke Date: 2005/06/28.
Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.

Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.
1 Chapter 13: Representing Identity What is identity Different contexts, environments Pseudonymity and anonymity.

1 Chapter 13: Representing Identity What is identity Different contexts, environments Pseudonymity and anonymity.
A Transmission Control Scheme for Media Access in Sensor Networks Alec Woo, David Culler (University of California, Berkeley) Special thanks to Wei Ye.

A Transmission Control Scheme for Media Access in Sensor Networks Alec Woo, David Culler (University of California, Berkeley) Special thanks to Wei Ye.
A distributed Search Service for Peer-to-Peer File Sharing in Mobile Applications From U. of Dortmund, Germany.

A distributed Search Service for Peer-to-Peer File Sharing in Mobile Applications From U. of Dortmund, Germany.
Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.

Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.
0x1A Great Papers in Computer Security Vitaly Shmatikov CS 380S

0x1A Great Papers in Computer Security Vitaly Shmatikov CS 380S
Towards an Analysis of Onion Routing Security Syverson, Tsudik, Reed, and Landwehr PET 2000 Presented by: Adam Lee 1/26/2006 Syverson, Tsudik, Reed, and.

Towards an Analysis of Onion Routing Security Syverson, Tsudik, Reed, and Landwehr PET 2000 Presented by: Adam Lee 1/26/2006 Syverson, Tsudik, Reed, and.
Preventing Active Timing Attacks in Low- Latency Anonymous Communication The 10 th Privacy Enhancing Technologies Symposium July 2010 Joan Feigenbaum Yale.

Preventing Active Timing Attacks in Low- Latency Anonymous Communication The 10 th Privacy Enhancing Technologies Symposium July 2010 Joan Feigenbaum Yale.
On the Anonymity of Anonymity Systems Andrei Serjantov (anonymous)

On the Anonymity of Anonymity Systems Andrei Serjantov (anonymous)
A Tale of Research: From Crowds to Deeper Understandings Matthew Wright Jan. 25, 2006 6392-017: Adv. Network Security.

A Tale of Research: From Crowds to Deeper Understandings Matthew Wright Jan. 25, : Adv. Network Security.
Trusted Computing, Peer-To-Peer Distribution, and the Economics of Pirated Entertainment Peter Scott Based on paper by S. E. Schechter, R. A. Greenstadt,

Trusted Computing, Peer-To-Peer Distribution, and the Economics of Pirated Entertainment Peter Scott Based on paper by S. E. Schechter, R. A. Greenstadt,
Traffic Analysis Prevention Chris Conger CIS6935 – Cryptographic Protocols 11/16/2004.

Traffic Analysis Prevention Chris Conger CIS6935 – Cryptographic Protocols 11/16/2004.

Similar presentations

Ads by Google