In this dissertation, we address issues related to traffic analysis attacks and the engineering
in anonymous communication networks.
Mixes have been used in many anonymous communication systems and are supposed
to provide countermeasures that can defeat various traffic analysis attacks. In
this dissertation, we first focus on a particular class of traffic analysis attack, flow
correlation attacks, by which an adversary attempts to analyze the network traffic
and correlate the traffic of a flow over an input link at a mix with that over an output
link of the same mix. Two classes of correlation methods are considered, namely
time-domain methods and frequency-domain methods. We find that a mix with any
known batching strategy may fail against flow correlation attacks in the sense that,
for a given flow over an input link, the adversary can correctly determine which output
link is used by the same flow. We theoretically analyze the effectiveness of a mix
network under flow correlation attacks.
We extend flow correlation attack to perform flow separation: The flow separation
attack separates flow aggregates into either smaller aggregates or individual flows. We
apply blind source separation techniques from statistical signal processing to separate
the traffic in a mix network. Our experiments show that this attack is effective and
scalable. By combining flow separation and frequency spectrum matching method,
a passive attacker can get the traffic map of the mix network. We use a non-trivial network to show that the combined attack works.
The second part of the dissertation focuses on engineering anonymous communication
networks. Measures for anonymity in systems must be on one hand simple and
concise, and on the other hand reflect the realities of real systems. We propose a new
measure for the anonymity degree, which takes into account possible heterogeneity.
We model the effectiveness of single mixes or of mix networks in terms of information
leakage and measure it in terms of covert channel capacity. The relationship between
the anonymity degree and information leakage is described, and an example is shown.
Identifer | oai:union.ndltd.org:tamu.edu/oai:repository.tamu.edu:1969.1/ETD-TAMU-1758 |
Date | 02 June 2009 |
Creators | Zhu, Ye |
Contributors | Bettati, Riccardo, Reddy, Narasimha A. L. |
Source Sets | Texas A and M University |
Language | en_US |
Detected Language | English |
Type | Book, Thesis, Electronic Dissertation, text |
Format | electronic, application/pdf, born digital |
Page generated in 0.0019 seconds