Abstract
While anonymization systems like mix networks can provide privacy to their users by, e.g., hiding their communication relationships, several traffic analysis attacks can deanonymize them. In this work, we examine Statistical Disclosure Attacks and introduce a new implementation called the Smart Noise Statistical Disclosure Attack. This attack can improve results by examining how often other users send together with the attacker’s target to better filter out the noise caused by them. We evaluate this attack by comparing it to previous variants in various simulations and thus show how it can improve upon them. Further, we demonstrate how other implementations can be improved by combing them with our approach to noise calculation. Finally, we critically review used evaluation metrics to determine their significance.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
We allow senders and recipients to appear multiple times per round. Thus we talk about lists, not sets.
- 2.
This assumes random and independent senders. Thus the chance of a non-cloak background round appearing can be calculated (with values for round 25) as \((fraction\; of\; non-cloak\; users)^{b}=(1-\frac{cloak user count}{N})^{b}=(1-(\frac{1183}{20000}))^{50} \approx 0.047\). Note that there can be small but insignificant differences in the simulated results due to senders appearing multiple times per round, reducing the number of distinct cloak users.
- 3.
E.g., senders \(n_0\) and \(n_1\) are closer and send together more often than \(n_0\) and \(n_{50}\). Note that senders \(n_0\) and \(n_{99}\) are neighbors for \(N=100\).
- 4.
Or in the case of symmetrical communication, that her next communication (including messages received) will be performed with this user.
References
Chaum, D.L.: Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM 24(2), 84–90 (1981)
Danezis, G.: Statistical disclosure attacks: traffic confirmation in open environments. In: Gritzalis, D., De Capitani di Vimercati, S., Samarati, P., Katsikas, S. (eds.) SEC 2003. ITIFIP, vol. 122, pp. 421–426. Springer, Boston, MA (2003). https://doi.org/10.1007/978-0-387-35691-4_40
Danezis, G., Diaz, C., Troncoso, C.: Two-sided statistical disclosure attack. In: Borisov, N., Golle, P. (eds.) PET 2007. LNCS, vol. 4776, pp. 30–44. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-75551-7_3
Díaz, C., Seys, S., Claessens, J., Preneel, B.: Towards measuring anonymity. In: Dingledine, R., Syverson, P. (eds.) PET 2002. LNCS, vol. 2482, pp. 54–68. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36467-6_5
Emamdoost, N., Dousti, M.S., Jalili, R.: Statistical disclosure: improved, extended, and resisted. arXiv preprint arXiv:1710.00101 (2017)
Gaballah, S.A., Abdullah, L., Tran, M.T., Zimmer, E., Mühlhäuser, M.: On the effectiveness of intersection attacks in anonymous microblogging. In: Reiser, H.P., Kyas, M. (eds.) NordSec 2022. LNCS, vol. 13700, pp. 3–19. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-22295-5_1
Kedogan, D., Agrawal, D., Penz, S.: Limits of anonymity in open environments. In: Petitcolas, F.A.P. (ed.) IH 2002. LNCS, vol. 2578, pp. 53–69. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36415-3_4
Kesdogan, D., Egner, J., Büschkes, R.: Stop- and- Go-MIXes providing probabilistic anonymity in an open system. In: Aucsmith, D. (ed.) IH 1998. LNCS, vol. 1525, pp. 83–98. Springer, Heidelberg (1998). https://doi.org/10.1007/3-540-49380-8_7
Kesdogan, D., Pimenidis, L.: The hitting set attack on anonymity protocols. In: Fridrich, J. (ed.) IH 2004. LNCS, vol. 3200, pp. 326–339. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30114-1_23
Mallesh, N., Wright, M.: Countering statistical disclosure with receiver-bound cover traffic. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 547–562. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74835-9_36
Mallesh, N., Wright, M.: The reverse statistical disclosure attack. In: Böhme, R., Fong, P.W.L., Safavi-Naini, R. (eds.) IH 2010. LNCS, vol. 6387, pp. 221–234. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-16435-4_17
Mathewson, N., Dingledine, R.: Practical traffic analysis: extending and resisting statistical disclosure. In: Martin, D., Serjantov, A. (eds.) PET 2004. LNCS, vol. 3424, pp. 17–34. Springer, Heidelberg (2005). https://doi.org/10.1007/11423409_2
Pérez-González, F., Troncoso, C.: Understanding statistical disclosure: a least squares approach. In: Fischer-Hübner, S., Wright, M. (eds.) PETS 2012. LNCS, vol. 7384, pp. 38–57. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-31680-7_3
Pfitzmann, A., Köhntopp, M.: Anonymity, unobservability, and pseudonymity—a proposal for terminology. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 1–9. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44702-4_1
Reiter, M.K., Rubin, A.D.: Crowds: anonymity for web transactions. ACM Trans. Inf. Syst. Secur. (TISSEC) 1(1), 66–92 (1998)
Serjantov, A., Danezis, G.: Towards an information theoretic metric for anonymity. In: Dingledine, R., Syverson, P. (eds.) PET 2002. LNCS, vol. 2482, pp. 41–53. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36467-6_4
Troncoso, C., Gierlichs, B., Preneel, B., Verbauwhede, I.: Perfect matching disclosure attacks. In: Borisov, N., Goldberg, I. (eds.) PETS 2008. LNCS, vol. 5134, pp. 2–23. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-70630-4_2
Watts, D.J., Strogatz, S.H.: Collective dynamics of ‘small-world’ networks. Nature 393(6684), 440–442 (1998)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Roßberger, M., Kesdoğan, D. (2024). Smart Noise Detection for Statistical Disclosure Attacks. In: Fritsch, L., Hassan, I., Paintsil, E. (eds) Secure IT Systems. NordSec 2023. Lecture Notes in Computer Science, vol 14324. Springer, Cham. https://doi.org/10.1007/978-3-031-47748-5_6
Download citation
DOI: https://doi.org/10.1007/978-3-031-47748-5_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-47747-8
Online ISBN: 978-3-031-47748-5
eBook Packages: Computer ScienceComputer Science (R0)