Presentation is loading. Please wait.

Presentation is loading. Please wait.

Towards efficient traffic-analysis resistant anonymity networks Stevens Le Blond David Choffnes Wenxuan Zhou Peter Druschel Hitesh Ballani Paul Francis.

Published byLeo Jones Modified over 9 years ago

Similar presentations

Presentation on theme: "Towards efficient traffic-analysis resistant anonymity networks Stevens Le Blond David Choffnes Wenxuan Zhou Peter Druschel Hitesh Ballani Paul Francis."— Presentation transcript:

1 Towards efficient traffic-analysis resistant anonymity networks Stevens Le Blond David Choffnes Wenxuan Zhou Peter Druschel Hitesh Ballani Paul Francis

2 2 Snowden wants to communicate with Greenwald without Alexander to find out Ed’s IP Glenn’s IP

3 The problem of IP anonymity Client Server 3 VPN proxy Proxies are single point of attack (rogue admin, break in, legal, etc)

4 4 Proxy Traffic analysis Onion routing (Tor) Onion routing doesn’t resist traffic analysis (well known)

5 Outline 5

6 Anonymous Quanta (Aqua) k-anonymity: Indistinguishable among k clients BitTorrent – Appropriate latency and bandwidth – Many concurrent and correlated flows 6

7 7 Threat model Global passive (traffic analysis) attack Active attack Edge mixes aren’t compromised

8 Padding 8 Constant rate (strawman) Defeats traffic analysis, but overhead proportional to peak link payload rate on fully connected network

9 Outline 9

10 10 Multipath Multipath reduces the peak link payload rate Padding

11 Variable uniform rate 11 Reduces overhead by adapting to changes in aggregate payload traffic

12 Outline 12

13 k-anonymity sets (ksets) 13 Send ksetRecv kset Provide k-anonymity by ensuring correlated rate changes on at least k client links Padding

14 Forming efficient ksets 14 Epochs 1 2 3 Peers’ rates 1 2 3 Are there temporal and spatial correlations among BitTorrent flows?

15 Outline 15

16 Methodology: Trace driven simulations Month-long BitTorrent trace with 100,000 users – 20 million flow samples per day – 200 million traceroute measurements Models of anonymity systems – Constant-rate: Onion routing v2 – Broadcast: P5, DC-Nets – P2P: Tarzan – Aqua 16

17 Overhead @ edges 17 Models Overhead Much better bandwidth efficiency

18 Throttling @ edges 18 Models Throttling Efficiently leverages correlations in BitTorrent flows

19 Outline 19

20 Ongoing work 20 Prototype implementation Aqua for VoIP traffic – “tiny-latency” (RTT <330ms) Intersection attacks Workload independence

21 Take home messages Efficient traffic-analysis resistance by exploiting existing correlations in BitTorrent traffic At core: – Multipath reduces peak payload rate – Variable uniform rate adapts to changes in aggregate payload traffic At edges, ksets: – Provide k-anonymity by sync rate on k client links – Leverage temporal and spatial correlations of BitTorrent flows 21

Download ppt "Towards efficient traffic-analysis resistant anonymity networks Stevens Le Blond David Choffnes Wenxuan Zhou Peter Druschel Hitesh Ballani Paul Francis."

Similar presentations

Tor: The Second-Generation Onion Router

Tor: The Second-Generation Onion Router
Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.
The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network Rob Jansen et. al NDSS 2014 Presenter: Yue Li Part of slides adapted from R.

The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network Rob Jansen et. al NDSS 2014 Presenter: Yue Li Part of slides adapted from R.
Predicting Tor Path Compromise by Exit Port IEEE WIDA 2009December 16, 2009 Kevin Bauer, Dirk Grunwald, and Douglas Sicker University of Colorado Client.

Predicting Tor Path Compromise by Exit Port IEEE WIDA 2009December 16, 2009 Kevin Bauer, Dirk Grunwald, and Douglas Sicker University of Colorado Client.
Rumor Riding, IEEE ICNP2006, Jinsong Han & Yunhao Liu, HKUST, Nov 12 1 Rumor Riding Anonymizing Unstructured Peer- to-Peer System Jinsong Han and Yunhao.

Rumor Riding, IEEE ICNP2006, Jinsong Han & Yunhao Liu, HKUST, Nov 12 1 Rumor Riding Anonymizing Unstructured Peer- to-Peer System Jinsong Han and Yunhao.
236349 Project in Computer Security Integrating TOR’s attacks into the I2P darknet Chen Avnery Amihay Vinter.

Project in Computer Security Integrating TOR’s attacks into the I2P darknet Chen Avnery Amihay Vinter.
How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.

How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.
Message Splitting Against the Partial Adversary Andrei Serjantov The Free Haven Project (UK) Steven J Murdoch University of Cambridge Computer Laboratory.

Message Splitting Against the Partial Adversary Andrei Serjantov The Free Haven Project (UK) Steven J Murdoch University of Cambridge Computer Laboratory.
Hang with Your Buddies to Resist Intersection Attacks David Wolinsky, Ewa Syta, Bryan Ford Yale University.

Hang with Your Buddies to Resist Intersection Attacks David Wolinsky, Ewa Syta, Bryan Ford Yale University.
On Traffic Analysis in Tor Guest Lecture, ELE 574 Communications Security and Privacy Princeton University April 3 rd, 2014 Dr. Rob Jansen U.S. Naval Research.

On Traffic Analysis in Tor Guest Lecture, ELE 574 Communications Security and Privacy Princeton University April 3 rd, 2014 Dr. Rob Jansen U.S. Naval Research.
Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,

Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,
IPlane: An Information Plane for Distributed Services Offence by: Anup Goyal Sagar Vemuri.

IPlane: An Information Plane for Distributed Services Offence by: Anup Goyal Sagar Vemuri.
1 Modeling and Analysis of Anonymous-Communication Systems Joan Feigenbaum WITS’08; Princeton NJ; June 18, 2008 Acknowledgement:

1 Modeling and Analysis of Anonymous-Communication Systems Joan Feigenbaum WITS’08; Princeton NJ; June 18, 2008 Acknowledgement:
PSMC Proxy Server-based Multipath Connection CS 526 Advanced Networking - Richard White.

PSMC Proxy Server-based Multipath Connection CS 526 Advanced Networking - Richard White.
The Case for Network-Layer, Peer-to-Peer Anonymization Michael J. Freedman Emil Sit, Josh Cates, Robert Morris MIT Lab for Computer Science IPTPS’02March.

The Case for Network-Layer, Peer-to-Peer Anonymization Michael J. Freedman Emil Sit, Josh Cates, Robert Morris MIT Lab for Computer Science IPTPS’02March.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
Pseudo Trust: Zero-Knowledge Based Authentication in Anonymous Peer-to-Peer Protocols Li Lu, Lei Hu State Key Lab of Information Security, Graduate School.

Pseudo Trust: Zero-Knowledge Based Authentication in Anonymous Peer-to-Peer Protocols Li Lu, Lei Hu State Key Lab of Information Security, Graduate School.
Measurement in the Internet. Outline Internet topology Bandwidth estimation Tomography Workload characterization Routing dynamics.

Measurement in the Internet. Outline Internet topology Bandwidth estimation Tomography Workload characterization Routing dynamics.
Tarzan: A Peer-to-Peer Anonymizing Network Layer Michael J. Freedman, NYU Robert Morris, MIT ACM CCS 2002

Tarzan: A Peer-to-Peer Anonymizing Network Layer Michael J. Freedman, NYU Robert Morris, MIT ACM CCS 2002
A distributed Search Service for Peer-to-Peer File Sharing in Mobile Applications From U. of Dortmund, Germany.

A distributed Search Service for Peer-to-Peer File Sharing in Mobile Applications From U. of Dortmund, Germany.

Similar presentations

Ads by Google