4.5 Article

Novel Packet Size-Based Covert Channel Attacks against Anonymizer

IEEE TRANSACTIONS ON COMPUTERS (2013)

Get Full Text
Add to Collection

Journal

IEEE TRANSACTIONS ON COMPUTERS
Volume 62, Issue 12, Pages 2411-2426

Publisher

IEEE COMPUTER SOC
DOI: 10.1109/TC.2012.169

Keywords

Anonymizer; watermark; TCP dynamics

Categories

Computer Science, Hardware & Architecture Engineering, Electrical & Electronic

Funding

  1. National Key Basic Research Program of China (973 Program) [2010CB328104, 2011CB302800]
  2. China National High Technology Research and Development Program [2013AA013503]
  3. National Science Foundation of China (NSFC) [61272054, 61202449, 61003257, 61320106007, 61070221, 61070222]
  4. US National Science Foundation (NSF) [CNS-1116644, DUE-0942113, CNS-0958477, CNS-1117175, CNS-0916584, CNS-1065136, CNS-1218876]
  5. General Research Fund of the Hong Kong SAR, China [CityU 114012, CityU 114513]
  6. ShenZhen (China) Basic Research Project [JCYJ20120618115257259]
  7. China Specialized Research Fund for the Doctoral Program of Higher Education [20110092130002]
  8. JScience Research Foundation of Graduate School of Southeast University
  9. Jiangsu Provincial Key Laboratory of Network and Information Security [BM2003201]
  10. Key Laboratory of Computer Network and Information Integration of Ministry of Education of China [93K-9]
  11. Division Of Computer and Network Systems
  12. Direct For Computer & Info Scie & Enginr [0958477] Funding Source: National Science Foundation

Ask authors/readers for more resources

Protocol

Community support

Reagent

Community support

In this paper, we present a study on the anonymity of Anonymizer, a well-known commercial anonymous communication system. We discovered the architecture of Anonymizer and found that the size of web packets in the Anonymizer network can be very dynamic at the client. Motivated by this finding, we investigated a class of novel packet size-based covert channel attacks against Anonymizer. The attacker between a website and the Anonymizer server can manipulate the web packet size and embed secret signal symbols into the target traffic. An accomplice at the user side can sniff the traffic and recognize the secret signal. In this way, the anonymity provided by Anonymizer is compromised. We developed intelligent and robust algorithms to cope with the packet size distortion incurred by Anonymizer and Internet. We developed techniques to make the attack harder to detect: 1) We pick up right packets of web objects to manipulate to preserve the regularity of the TCP packet size dynamics, which can be measured by the Hurst parameter; 2) We adopt the Monte Carlo sampling technique to preserve the distribution of the web packet size despite manipulation. We have implemented the attack over Anonymizer and conducted extensive analytical and experimental evaluations. It is observed that the attack is highly efficient and requires only tens of packets to compromise the anonymous web surfing via Anonymizer. The experimental results are consistent with our theoretical analysis.

Authors

I am an author on this paper
Click your name to claim this paper and add it to your profile.

Reviews

Primary Rating

4.5
Not enough ratings

Secondary Ratings

Novelty
-
Significance
-
Scientific rigor
-
Rate this paper

Recommended

No Data Available
No Data Available
Webinars Posters Questions Hubs Funding Journals Papers Connect Collections Reviewers About Us FAQs Mobile App Privacy Policy Terms of Use
© Peeref 2019-2024. All rights reserved.