Title :
Fingerprinting a flow of messages to an anonymous server
Author :
Elices, Juan A. ; Perez-Gonzalez, F.
Author_Institution :
Electr. & Comput. Eng. Dept., Univ. of New Mexico, Albuquerque, NM, USA
Abstract :
We present an attack to locate hidden servers in anonymous common networks. The attack is based on correlating the flow of messages that arrives to a certain server with the flow that is created by the attacker client. The fingerprint is constructed by sending requests, each request determines one interval. To improve the performance a prediction of the time of arrival is done for each request. We propose an optimal detector to decide whether the flow is fingerprinted, based on the Neyman-Pearson lemma. The usefulness of our algorithm is shown for the case of locating a Tor Hidden Service (HS), where we analytically determine the parameters that yield a fixed false positive probability and compute the corresponding detection probability. Finally, we empirically validate our results with a simulator and with a real implementation on the live Tor network. Results show that our algorithm outperforms any other flow watermarking scheme. Our design also yields a small detectability.
Keywords :
Internet; computer network security; watermarking; Neyman-Pearson lemma; Tor hidden service; Tor network; anonymous common networks; anonymous server; detection probability; fixed false positive probability; flow watermarking scheme; message flow fingerprinting; optimal detector; Delay; Detectors; Fingerprint recognition; Maximum likelihood estimation; Polynomials; Servers; Watermarking;
Conference_Titel :
Information Forensics and Security (WIFS), 2012 IEEE International Workshop on
Conference_Location :
Tenerife
Print_ISBN :
978-1-4673-2285-0
Electronic_ISBN :
978-1-4673-2286-7
DOI :
10.1109/WIFS.2012.6412632
