Abstract
There are a number of attacker models in the area of anonymous communication. Most of them are either very simplified or pretty abstract – therefore difficult to generalize or even identify in real networks. While some papers distinct different attacker types, the usual approach is to present an anonymization technique and then to develop an attacker model for it in order to identify properties of the technique. Often such a model is abstract, unsystematic and it is not trivial to identify the exact threats for the end-user of the implemented system. This work follows another approach: we propose a classification of attacker types for the risk analysis and attacker modelling in anonymous communication independently of the concrete technique. The classes are designed in the way, that their meaning can be easily communicated to the end-users and management level. We claim that the use of this classification can lead to a more solid understanding of security provided by anonymizing networks, and therewith improve their development.
Finally, we will classify some well known techniques and security issues according to the proposal and thus show the practical relevance and applicability of the proposed classification.
Chapter PDF
Similar content being viewed by others
References
Attacker Classification to Aid Targeting Critical Systems for Threat Modelling and Security Review (2005), (visited July 2006), http://www.rockyh.net/papers/AttackerClassification.pdf
ANTS File Sharing (2005) visited October 2005, http://antsp2p.sourceforge.net/
Berthold, O., Federrath, H., Köpsell, S.: Web MIXes: A System for Anonymous and Unobservable Internet Access. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 115–129. Springer, Heidelberg (2001)
Chaum, D.L.: The Dining Cryptographers Problem: Unconditional Sender and Recipient Untraceability. Journal of Cryptology 1, 65–75 (1988)
Clayton, R.C., Danezis, G., Kuhn, M.G.: Real world patterns of failure in anonymity systems. In: Moskowitz, I.S. (ed.) IH 2001. LNCS, vol. 2137, pp. 230–244. Springer, Heidelberg (2001)
Danezis, G.: Statistical disclosure attacks: Traffic confirmation in open environments. In: Gritzalis, Vimercati, Samarati, Katsikas (eds.) Proceedings of Security and Privacy in the Age of Uncertainty (SEC 2003), Athens, May 2003. IFIP TC11, pp. 421–426. Kluwer Academic Publishers, Dordrecht (2003)
Dingledine, R., Mathewson, N., Syverson, P.: Tor: The second-generation onion router. In: Proceedings of the 13th USENIX Security Symposium (2004)
Douceur, J.R.: The Sybil Attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, p. 251. Springer, Heidelberg (2002)
Fasbender, A., Kesdogan, D., Kubitz, O.: Analysis of security and privacy in mobile ip. In: Mobile IP, 4th International Conference on Telecommunication Systems Modeling and Analysis, Nashville (March 1996)
Goel, S., Robson, M., Polte, M., Sirer, E.G.: Herbivore: A Scalable and Efficient Protocol for Anonymous Communication. Technical Report 2003-1890, Cornell University, Ithaca, NY (February 2003)
Günes, M., Spaniol, O.: Ant-routing-algorithm for mobile multi-hop ad-hoc networks. In: Network control and engineering for Qos, security and mobility II, pp. 120–138. Kluwer Academic Publishers, Norwell, MA, USA (2003)
Hintz, A.: Fingerprinting websites using traffic analysis. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 171–178. Springer, Heidelberg (2003)
Hirt, A., Jacobson, M.J., Williamson, C.: Survey and analysis of anonymous communication schemes. In: ACM Computing Surveys, Department of Computer Science, December 2003, University of Calgary (submitted to, 2003)
Howard, J.D.: An Analysis Of Security Incidents On The Internet 1989-1995. PhD thesis, Carnegie Mellon University (1997)
Kesdogan, D., Egner, J., Büschkes, R.: Stop-and-Go-Mixes Providing Anonymity in an Open System. In: Aucsmith, D. (ed.) Information Hiding 98 - Second International Workshop, pp. 83–98. Springer, Heidelberg (1998)
Kesdogan, D., Palmer, C.: The past present and future of network anonymity. Network Security, Special Issue of Computer Communications Journal (2003)
Kesdogan, D., Pimenidis, L.: The Hitting Set Attack on Anonymity Protocols. In: Proceedings of Information Hiding, 7th International Workshop, Springer, Heidelberg (2004)
Kesdogan, D., Pimenidis, L.: The Lower Bound of Attacks on Anonymity Systems – A Unicity Distance Approach. In: Proceedings of 1st Workshop on Quality of Protection, Colocated at ESORICS, Milan, Italy, September 2005. LNCS, Springer, Heidelberg (2005)
Möller, U., Cottrell, L., Palfrader, P., Sassaman, L.: Mixmaster Protocol — Version 2. Draft (July 2003)
Murdoch, S.J., Danezis, G.: Low-cost Traffic Analysis of Tor. In: IEEE Symposium on Security and Privacy, Oakland, California, USA (May 2005)
MUTE File Sharing. visited October 2005 (2005), http://mute-net.sourceforge.net/
Pfitzmann, A.: Security in IT Networks: Multilateral Security in Distributed and by Distributed Systems. In: Script for the lectures Security and Cryptography I+II (October 2004)
Pfitzmann, A., Köhntopp, M.: Anonymity, unobservability, and pseudonymity: A proposal for terminology. Draft, version 0.23 (August 2005)
Raymond, J.-F.: Traffic analysis: Protocols, attacks, design issues, and open problems. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 10–29. Springer, Heidelberg (2001)
Serjantov, A., Dingledine, R., Syverson, P.: From a trickle to a flood: Active attacks on several mix types. In: Petitcolas, F.A.P. (ed.) IH 2002. LNCS, vol. 2578, pp. 36–52. Springer, Heidelberg (2003)
Serjantov, A., Sewell, P.: Passive attack analysis for connection-based anonymity systems. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 116–131. Springer, Heidelberg (2003)
Sherwood, R., Bhattacharjee, B., Srinivasan, A.: P5: A protocol for scalable anonymous communication. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy (May 2002)
Syverson, P.F., Tsudik, G., Reed, M., Landwehr, C.: Towards an Analysis of Onion Routing Security. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 96–114. Springer, Heidelberg (2001)
Wright, M., Adler, M., Levine, B.N., Shields, C.: An analysis of the degradation of anonymous protocols. In: Proceedings of the Network and Distributed Security Symposium - NDSS 2002, February 2002, IEEE Computer Society Press, Los Alamitos (2002)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2006 IFIP International Federation for Information Processing
About this paper
Cite this paper
Panchenko, A., Pimenidis, L. (2006). Towards Practical Attacker Classification for Risk Analysis in Anonymous Communication. In: Leitold, H., Markatos, E.P. (eds) Communications and Multimedia Security. CMS 2006. Lecture Notes in Computer Science, vol 4237. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11909033_22
Download citation
DOI: https://doi.org/10.1007/11909033_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-47820-1
Online ISBN: 978-3-540-47823-2
eBook Packages: Computer ScienceComputer Science (R0)