Skip to main content
Article
Compromising Anonymous Communication Systems Using Blind Source Separation
ACM Transactions on Information and System Security
  • Ye Zhu, Cleveland State University
  • Riccardo Bettati, Texas A & M University - College Station
Document Type
Article
Publication Date
10-1-2009
Abstract
We propose a class of anonymity attacks to both wired and wireless anonymity networks. These attacks are based on the blind source separation algorithms widely used to recover individual signals from mixtures of signals in statistical signal processing. Since the philosophy behind the design of current anonymity networks is to mix traffic or to hide in crowds, the proposed anonymity attacks are very effective. The flow separation attack proposed for wired anonymity networks can separate the traffic in a mix network. Our experiments show that this attack is effective and scalable. By combining the flow separation method with frequency spectrum matching, a passive attacker can derive the traffic map of the mix network. We use a nontrivial network to show that the combined attack works. The proposed anonymity attacks for wireless networks can identify nodes in fully anonymized wireless networks using collections of very simple sensors. Based on a time series of counts of anonymous packets provided by the sensors, we estimate the number of nodes with the use of principal component analysis. We then proceed to separate the collected packet data into traffic flows that, with help of the spatial diversity in the available sensors, can be used to estimate the location of the wireless nodes. Our simulation experiments indicate that the estimators show high accuracy and high confidence for anonymized TCP traffic. Additional experiments indicate that the estimators perform very well in anonymous wireless networks that use traffic padding.
Article Number
8
DOI
10.1145/1609956.1609964
Version
Postprint
Citation Information
Y. Zhu and R. Bettati, "Compromising anonymous communication systems using blind source separation," ACM Transactions on Information and System Security (TISSEC), vol. 13, pp. 1-31, 2009.