A Novel Method to Prevent Traffic Analysis in Low-Latency Anonymous Communication Systems

2008 ◽  
Author(s):  
Jia Zhang ◽  
Haixin Duan ◽  
Jianping Wu
Keyword(s):  
Communication Systems ◽  
Traffic Analysis ◽  
Anonymous Communication ◽  
Low Latency ◽  
Novel Method ◽  
Anonymous Communication Systems

scholarly journals Towards an Analysis of Passive Attacks on Anonymous Communication Systems

2016 ◽  
Vol 10 (8) ◽  
pp. 1-12
Author(s):  
Tianbo Lu ◽  
Pan Gao ◽  
Lingling Zhao ◽  
Yang Li ◽  
WanJiang Han
Keyword(s):  
Communication Systems ◽  
Anonymous Communication ◽  
Anonymous Communication Systems

Protecting User’s Privacy from Browser-Based Attacks

2014 ◽  
Vol 631-632 ◽  
pp. 941-945
Author(s):  
Gao Feng He ◽  
Tao Zhang ◽  
Yuan Yuan Ma ◽  
Jia Xuan Fei
Keyword(s):  
Communication Systems ◽  
Anonymous Communication ◽  
Web Pages ◽  
Main Observation ◽  
Execution Times ◽  
Anonymous Communication Systems ◽  
Mozilla Firefox ◽  
Set Up ◽  
Browsing Behavior

Recently there has been a new kind of attacks, browser-based attacks, against anonymous communication systems, such as Tor. This kind of attacks exploits JavaScript in the browser or the HTML meta refresh to generate some predefined signals to correlate users and their visited websites. A novel and efficient defense against such attacks is proposed in this paper. Our main observation is that the attacker must generate enough signals from the client site (the browser) to correlate the user and the website while we can detect the attack at the client site. More specifically, when a user is browsing a specific website and a browser-based attack is in progress, the number of outgoing flows and the total byte counts generated by the browser should be much larger compared with the normal browsing behavior. So we can set up fingerprints (number of outgoing flows and total byte counts) for normal browsing of web pages for a period of time and utilize these fingerprints to detect browser-based attacks. We have also found that some JavaScript codes must be executed many times if the attacker uses JavaScript to communicate. We have modified the Mozilla Firefox JavaScript engine to audit execution times of JavaScript code to defend these attacks, including browser-based attacks.

Sign in / Sign up

Export Citation Format

Share Document