{"title":"对发送到匿名服务器的消息流进行指纹识别","authors":"J. Elices, F. Pérez-González","doi":"10.1109/WIFS.2012.6412632","DOIUrl":null,"url":null,"abstract":"We present an attack to locate hidden servers in anonymous common networks. The attack is based on correlating the flow of messages that arrives to a certain server with the flow that is created by the attacker client. The fingerprint is constructed by sending requests, each request determines one interval. To improve the performance a prediction of the time of arrival is done for each request. We propose an optimal detector to decide whether the flow is fingerprinted, based on the Neyman-Pearson lemma. The usefulness of our algorithm is shown for the case of locating a Tor Hidden Service (HS), where we analytically determine the parameters that yield a fixed false positive probability and compute the corresponding detection probability. Finally, we empirically validate our results with a simulator and with a real implementation on the live Tor network. Results show that our algorithm outperforms any other flow watermarking scheme. Our design also yields a small detectability.","PeriodicalId":396789,"journal":{"name":"2012 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"46 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Fingerprinting a flow of messages to an anonymous server\",\"authors\":\"J. Elices, F. Pérez-González\",\"doi\":\"10.1109/WIFS.2012.6412632\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We present an attack to locate hidden servers in anonymous common networks. The attack is based on correlating the flow of messages that arrives to a certain server with the flow that is created by the attacker client. The fingerprint is constructed by sending requests, each request determines one interval. To improve the performance a prediction of the time of arrival is done for each request. We propose an optimal detector to decide whether the flow is fingerprinted, based on the Neyman-Pearson lemma. The usefulness of our algorithm is shown for the case of locating a Tor Hidden Service (HS), where we analytically determine the parameters that yield a fixed false positive probability and compute the corresponding detection probability. Finally, we empirically validate our results with a simulator and with a real implementation on the live Tor network. Results show that our algorithm outperforms any other flow watermarking scheme. Our design also yields a small detectability.\",\"PeriodicalId\":396789,\"journal\":{\"name\":\"2012 IEEE International Workshop on Information Forensics and Security (WIFS)\",\"volume\":\"46 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 IEEE International Workshop on Information Forensics and Security (WIFS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/WIFS.2012.6412632\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 IEEE International Workshop on Information Forensics and Security (WIFS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WIFS.2012.6412632","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Fingerprinting a flow of messages to an anonymous server
We present an attack to locate hidden servers in anonymous common networks. The attack is based on correlating the flow of messages that arrives to a certain server with the flow that is created by the attacker client. The fingerprint is constructed by sending requests, each request determines one interval. To improve the performance a prediction of the time of arrival is done for each request. We propose an optimal detector to decide whether the flow is fingerprinted, based on the Neyman-Pearson lemma. The usefulness of our algorithm is shown for the case of locating a Tor Hidden Service (HS), where we analytically determine the parameters that yield a fixed false positive probability and compute the corresponding detection probability. Finally, we empirically validate our results with a simulator and with a real implementation on the live Tor network. Results show that our algorithm outperforms any other flow watermarking scheme. Our design also yields a small detectability.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
