Providing Mobile Users' Anonymity in Hybrid Networks

We present a novel hybrid communication protocol that guarantees mobile users' k-anonymity against a wide-range of adversaries by exploiting the capability of handheld devices to connect to both WiFi and cellular networks. Unlike existing anonymity schemes, we consider all parties that can intercept communications between the mobile user and a server as potential privacy threats. We formally quantify the privacy exposure and the protection of our system in the presence of malicious neighboring peers, global WiFi eavesdroppers, and omniscient mobile network operators. We show how our system provides an automatic incentive for users to collaborate, since by forwarding packets for other peers users gain anonymity for their own traffic.

[1]  Hannes Federrath,et al.  MIXes in Mobile Communication Systems: Location Management with Privacy , 1996, Information Hiding.

[2]  Ted Krovetz,et al.  UMAC: Message Authentication Code using Universal Hashing , 2006, RFC.

[3]  Sushil Jajodia,et al.  Secure Data Management in Decentralized Systems , 2014, Secure Data Management in Decentralized Systems.

[4]  Wenjing Lou,et al.  A Sophisticated Privacy-Enhanced Yet Accountable Security Framework for Metropolitan Wireless Mesh Networks , 2008, 2008 The 28th International Conference on Distributed Computing Systems.

[5]  Xiaoyan Hong,et al.  ANODR: anonymous on demand routing with untraceable routes for mobile ad-hoc networks , 2003, MobiHoc '03.

[6]  Xiaoyan Hong,et al.  A Mobility Framework for Ad Hoc Wireless Networks , 2001, Mobile Data Management.

[7]  Yuguang Fang,et al.  MASK: anonymous on-demand routing in mobile ad hoc networks , 2006, IEEE Transactions on Wireless Communications.

[8]  Bernhard Plattner,et al.  Introducing MorphMix: peer-to-peer based anonymous Internet usage with collusion detection , 2002, WPES '02.

[9]  Srdjan Capkun,et al.  Secure and Privacy-Preserving Communication in Hybrid Ad Hoc Networks , 2004 .

[10]  Micah Adler,et al.  The predecessor attack: An analysis of a threat to anonymous communications systems , 2004, TSEC.

[11]  Michael K. Reiter,et al.  Crowds: anonymity for Web transactions , 1998, TSEC.

[12]  Pierangela Samarati,et al.  Protecting Respondents' Identities in Microdata Release , 2001, IEEE Trans. Knowl. Data Eng..

[13]  Amit Kumar Saha,et al.  Modeling mobility for vehicular ad-hoc networks , 2004, VANET '04.

[14]  Siu-Ming Yiu,et al.  ARMR: Anonymous routing protocol with multiple routes for communications in mobile ad hoc networks , 2009, Ad Hoc Networks.

[15]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[16]  Peter Druschel,et al.  Peer-to-peer systems , 2010, Commun. ACM.

[17]  Pin-Han Ho,et al.  GSIS: A Secure and Privacy-Preserving Protocol for Vehicular Communications , 2007, IEEE Transactions on Vehicular Technology.

[18]  Minho Shin,et al.  Anonysense: privacy-aware people-centric sensing , 2008, MobiSys '08.

[19]  Sushil Jajodia,et al.  Privacy Preservation over Untrusted Mobile Networks , 2009, Privacy in Location-Based Applications.

[20]  Paul F. Syverson,et al.  Protocols Using Anonymous Connections: Mobile Applications , 1997, Security Protocols Workshop.

[21]  Hugo Krawczyk,et al.  UMAC: Fast and Secure Message Authentication , 1999, CRYPTO.

[22]  Acm Sigmobile,et al.  VANET : proceedings of the First ACM International Workshop on Vehicular Ad Hoc Networks, held in conjunction with MobiCom 2004, October 1, 2004, Philadelphia, Pennsylvania, USA , 2004 .

[23]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[24]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[25]  A. Girotra,et al.  Performance Analysis of the IEEE 802 . 11 Distributed Coordination Function , 2005 .

[26]  Matthew K. Wright,et al.  Timing Attacks in Low-Latency Mix Systems (Extended Abstract) , 2004, Financial Cryptography.

[27]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.