Title: Analysis of flow-correlation attacks in anonymity network

Authors: Ye Zhu, Xinwen Fu, Riccardo Bettati, Wei Zhao

Addresses: Department of Electrical and Computer Engineering, Cleveland State University, Cleveland, OH, USA. ' College of Business and Information Systems, Dakota State University, Madison, SD, USA. ' Department of Computer Science, Texas A&M University, College Station, TX, USA. ' Department of Computer Science, Texas A&M University, College Station, TX, USA

Abstract: Mix networks are designed to provide anonymity for users in a variety of applications, including privacy-preserving WWW browsing and numerous e-commerce systems. Such networks have been shown to be susceptible to a number of statistical traffic analysis attacks. Among these are flow correlation attacks, where an adversary may disclose the communication relationship between a sender and a receiver by measuring the similarity between the sender|s outbound flow and the receiver|s inbound flow. The effectiveness of the attacks is measured in terms of the probability that an adversary correctly recognises the receiver. This paper describes a model for the flow correlation attack effectiveness. Our results illustrate the quantitative relationship among system parameters such as sample size, noise level, payload flow rate and attack effectiveness. Our analysis quantitatively reveals how, under certain situations, existing flow-based anonymous systems would fail under flow-correlation attacks, thus providing useful guidelines for the design of future anonymous systems.

Keywords: anonymous communication; flow correlation attacks; mix networks; anonymity networks; security; internet.

DOI: 10.1504/IJSN.2007.012831

International Journal of Security and Networks, 2007 Vol.2 No.1/2, pp.137 - 153

Published online: 16 Mar 2007 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article