Abstract
Trust-based onion routing employs users’ own trust to circumvent compromised onion routers. However, it runs a high risk of being deanonymized by the inference attack based on a priori trust relationship. In this paper, we first observe that the onion routers with higher trust degree (e.g., those that are trusted by more users) are more effective in defending against the inference attack. We therefore incorporate trust degree into trust-based onion routing. With a rigorous theoretical analysis, we devise an optimal strategy for router selection and an optimal routing algorithm for path selection. Both minimize the risk of deanonymization by the inference attack without sacrificing the capability of evading compromised routers. Moreover, simulation-based experiments on top of real-world social networks confirm the effectiveness of the optimal router selection.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Puttaswamy, K.P.N., Sala, A., Zhao, B.Y.: Improving anonymity using social links. In: Proc. Workshop on Secure Network Protocols (2008)
Johnson, A., Syverson, P.: More anonymous onion routing through trust. In: Proc. IEEE CSF (2009)
Danezis, G., Diaz, C., Troncoso, C., Laurie, B.: Drac: An Architecture for Anonymous Low-Volume Communications. In: Atallah, M.J., Hopper, N.J. (eds.) PETS 2010. LNCS, vol. 6205, pp. 202–219. Springer, Heidelberg (2010)
Johnson, A., Syverson, P., Dingledine, R., Mathewson, N.: Trust-based anonymous communication: Adversary models and routing algorithms. In: Proc. ACM CCS (2011)
Goldschlag, D.M., Reed, M.G., Syverson, P.F.: Hiding routing information. In: Proc. Workshop on Information Hiding (1996)
Syverson, P.F., Goldschlag, D.M., Reed, M.G.: Anonymous connections and onion routing. In: Proc. IEEE Symposium on Security and Privacy (1997)
Dingledine, R., Mathewson, N., Syverson, P.: Tor: The second-generation onion router. In: Proc. USENIX Security Symposium (2004)
Wright, M., Adler, M., Levine, B.N., Shields, C.: The predecessor attack: An analysis of a threat to anonymous communications systems. ACM Transactions on Information and System Security (2004)
Evans, N.S., Dingledine, R., Grothoff, C.: A practical congestion attack on Tor using long paths. In: Proc. USENIX Security Symposium (2009)
Troncoso, C., Danezis, G.: The Bayesian traffic analysis of mix networks. In: Proc. ACM CCS (2009)
Agrawal, D., Kesdogan, D.: Measuring anonymity: the disclosure attack. IEEE Security & Privacy (2003)
Douceur, J.R.: The Sybil Attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002)
Syverson, P., Tsudik, G., Reed, M., Landwehr, C.: Towards an analysis of onion routing security. In: Proc. Designing Privacy Enhancing Technologies: Workshop on Design Issues in Anonymity and Unobservability (2000)
Murdoch, S., Danezis, G.: Low-cost traffic analysis of Tor. In: Proc. IEEE Symposium on Security and Privacy (2005)
Øverlier, L., Syverson, P.: Locating hidden servers. In: Proc. IEEE Symposium on Security and Privacy (2006)
Bauer, K., McCoy, D., Grunwald, D., Kohno, T., Sicker, D.: Low-resource routing attacks against Tor. In: Proc. ACM Workshop on Privacy in the Electronic Society (2007)
Fu, X., Ling, Z.: One cell is enough to break Tor’s anonymity. In: Proc. Black Hat DC (2009)
Ling, Z., Luo, J., Yu, W., Fu, X., Xuan, D., Jia, W.: A new cell counter based attack against Tor. In: Proc. ACM CCS (2009)
Zhu, Y., Fu, X., Graham, B., Bettati, R., Zhao, W.: Correlation-based traffic analysis attacks on anonymity networks. IEEE Transactions on Parallel and Distributed Systems (2009)
Hopper, N., Vasserman, E.Y., Chan-Tin, E.: How much anonymity does network latency leak? ACM Transactions on Information and System Security (2010)
Diaz, C., Troncoso, C., Serjantov, A.: On the impact of social network profiling on anonymity. In: Proc. Workshop on Privacy Enhancing Technologies (2008)
Mislove, A.: Wosn 2009 data sets (2009), http://socialnetworks.mpi-sws.org/data-wosn2009.html
Luo, X., Zhou, P., Zhang, J., Perdisci, R., Lee, W., Chang, R.K.C.: Exposing invisible timing-based traffic watermarks with backlit. In: Proc. ACSAC (2011)
Luo, X., Zhang, J., Perdisci, R., Lee, W.: On the Secrecy of Spread-Spectrum Flow Watermarks. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 232–248. Springer, Heidelberg (2010)
Marques, R., Zúquete, A.: Social networking for anonymous communication systems: A survey. In: Proc. International Conference on Computational Aspects of Social Networks (2011)
Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM (1981)
Danezis, G., Dingledine, R., Mathewson, N.: Mixminion: Design of a type iii anonymous remailer protocol. In: Proc. IEEE Symposium on Security and Privacy (2003)
The Tor Project. Tor path selection specification (2009), http://tor.hermetix.org/svn/trunk/doc/spec/path-spec.txt
Snader, R., Borisov, N.: A tune-up for Tor: Improving security and performance in the Tor network. In: Proc. ISOC Network and Distributed System Security Symposium (2008)
Snader, R., Borisov, N.: Improving security and performance in the Tor network through tunable path selection. IEEE Transactions on Dependable and Secure Computing (2010)
Dingledine, R., Freedman, M.J., Hopwood, D., Molnar, D.: A Reputation System to Increase MIX-Net Reliability. In: Moskowitz, I.S. (ed.) IH 2001. LNCS, vol. 2137, pp. 126–141. Springer, Heidelberg (2001)
Dingledine, R., Syverson, P.: Reliable MIX cascade networks through reputation. In: Proc. International Conference on Financial Cryptography (2003)
Böttcher, A., Kauer, B., Härtig, H.: Trusted computing serving an anonymity service. In: Proc. International Conference on Trust & Trustworthy Computing (2008)
Gross, R., Acquisti, A.: Information revelation and privacy in online social networks. In: Proc. ACM Workshop on Privacy in the Electronic Society (2005)
Narayanan, A., Shmatikov, V.: De-anonymizing social networks. In: Proc. IEEE Symposium on Security and Privacy (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Zhou, P., Luo, X., Chang, R.K.C. (2013). More Anonymity through Trust Degree in Trust-Based Onion Routing. In: Keromytis, A.D., Di Pietro, R. (eds) Security and Privacy in Communication Networks. SecureComm 2012. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 106. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-36883-7_17
Download citation
DOI: https://doi.org/10.1007/978-3-642-36883-7_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-36882-0
Online ISBN: 978-3-642-36883-7
eBook Packages: Computer ScienceComputer Science (R0)