SGER: Defending Against Passive Logging Attacks in Anonymous Communications
Matthew Wright
Communicating over the Internet, even with encryption, exposes valuable information about with whom and how often one communicates. For organizations such as the military, government, and multinational corporations, this can be an enormous risk. Anonymous communications is a technology that can stop this kind of information leakage by mixing different traffic together as it goes through the Internet. Current systems, however, are vulnerable to long-term passive attacks, in which eavesdroppers or malicious operators can uncover the traffic patterns.
This exploratory research will examine potential solutions to these attacks. It will use in-depth simulations to explore defenses against timing analysis, by which the attacker uses the timings of messages to trace a user's traffic through the network. Attacks on longer-term traffic patterns will be combatted in two ways, both of which will be evaluated with analysis and simulation. First, ideas from peer-to-peer file-sharing systems will be used to secure the process of selecting nodes. Second, artificially-generated traffic based on other users' patterns will make it more difficult to single users out. Additionally, a testbed for exploring these ideas through experimentation will be constructed. The work will be at the forefront of creating a new, more secure generation of anonymous communications systems.
