A Distributed Flow Correlation Attack to Anonymizing Overlay Networks Based on Wavelet Multi-Resolution Analysis

Government agencies rely more and more heavily on the availability of flexible and intelligent solutions for the interception and analysis of Internet-based telecommunications. Unfortunately, the global lawful interception market has been recently put into a corner by the emerging sophisticated encryption, obfuscation and anonymization technologies provided by modern overlay communication infrastructures. To face this challenge, this work proposes a novel strategy for defeating the anonymity of traffic flows, collected within and at the exit of these anonymizing networks, relying on distributed flow-capture, characterization and correlation attacks driven by wavelet-based multi-resolution analysis. Such a strategy, starting from a properly formalized attack model, results in an effective and promising framework that can be easily deployed on real-life network equipment and can potentially scale by working according to different distribution/parallelization scenarios.

Automated summary

This study introduces a new strategy to defeat the anonymity of traffic flows within anonymizing networks, using distributed flow-capture, characterization and correlation attacks driven by wavelet-based multi-resolution analysis. This strategy is effective and promising, and can be easily deployed on real-life network equipment.