Preserving Caller Anonymity in Voice-over-IP Networks

Applications such as VoIP need to provide anonymity to clients while maintaining low latency to satisfy quality of service (QoS) requirements. Existing solutions for providing anonymity such as mix networks are not well suited to applications like VoIP, SSH, and gaming which require low communication latency. This paper investigates the problem of on-demand construction of QoS sensitive routes on anonymizing networks using the VoIP application. We first describe triangulation based timing analysis attacks on shortest path route set up protocols. We show that even when a small fraction (~1%) of the network is malicious, the adversary can infer the source (caller) with reasonably high probability. Second, we describe random walk based route set up protocols that significantly improve anonymity while satisfying latency- based QoS guarantees. We describe a prototype implementation of our proposal and show that our protocols can significantly reduce the probability of inferring the caller. We present a detailed experimental evaluation to demonstrate our attacks and quantify the performance and scalability of our guards.

[1]  Liang Deng,et al.  An exact algorithm for the statistical shortest path problem , 2006, Asia and South Pacific Conference on Design Automation, 2006..

[2]  Birgit Pfitzmann,et al.  ISDN-MIXes: Untraceable Communication with Small Bandwidth Overhead , 1991, Kommunikation in Verteilten Systemen.

[3]  Michael K. Reiter,et al.  M2: Multicasting Mixes for Efficient and Anonymous Communication , 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).

[4]  Douglas S. Reeves,et al.  Robust correlation of encrypted attack traffic through stepping stones by manipulation of interpacket delays , 2003, CCS '03.

[5]  Marco Gruteser,et al.  USENIX Association , 1992 .

[6]  Dmitri Loguinov,et al.  Residual-Based Measurement of Peer and Link Lifetimes in Gnutella Networks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[7]  Gene Tsudik,et al.  Towards an Analysis of Onion Routing Security , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[8]  Sushil Jajodia,et al.  Tracking anonymous peer-to-peer VoIP calls on the internet , 2005, CCS '05.

[9]  David J. Aldous,et al.  Lower bounds for covering times for reversible Markov chains and random walks on graphs , 1989 .

[10]  Ellen W. Zegura,et al.  How to model an internetwork , 1996, Proceedings of IEEE INFOCOM '96. Conference on Computer Communications.

[11]  Mikkel Thorup,et al.  Optimizing OSPF/IS-IS weights in a changing world , 2002, IEEE J. Sel. Areas Commun..

[12]  John G. Proakis,et al.  Probability, random variables and stochastic processes , 1985, IEEE Trans. Acoust. Speech Signal Process..

[13]  Lili Qiu,et al.  On the placement of Web server replicas , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[14]  Krishna P. Gummadi,et al.  The impact of DHT routing geometry on resilience and proximity , 2003, SIGCOMM '03.

[15]  Robert Tappan Morris,et al.  Tarzan: a peer-to-peer anonymizing network layer , 2002, CCS '02.

[16]  Sheldon M. Ross,et al.  Introduction to probability models , 1975 .

[17]  Paul Syverson,et al.  Onion Routing for Anonymous and Private Internet Connections , 1999 .

[18]  Vern Paxson,et al.  Multiscale Stepping-Stone Detection: Detecting Pairs of Jittered Interactive Streams by Exploiting Maximum Tolerable Delay , 2002, RAID.

[19]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[20]  Douglas S. Reeves,et al.  Inter-Packet Delay Based Correlation for Tracing Encrypted Connections through Stepping Stones , 2002, ESORICS.

[21]  Yin Zhang,et al.  Detecting Stepping Stones , 2000, USENIX Security Symposium.

[22]  Vitaly Shmatikov,et al.  Timing Analysis in Low-Latency Mix Networks: Attacks and Defenses , 2006, ESORICS.

[23]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[24]  Brian Neil Levine,et al.  A protocol for anonymous communication over the Internet , 2000, CCS.

[25]  Liang Zhang,et al.  Organizational memory: reducing source-sink distance , 1997, Proceedings of the Thirtieth Hawaii International Conference on System Sciences.

[26]  Paul F. Syverson,et al.  Onion routing , 1999, CACM.

[27]  Dawn Xiaodong Song,et al.  Detection of Interactive Stepping Stones: Algorithms and Confidence Bounds , 2004, RAID.

[28]  Hiroaki Etoh,et al.  Finding a Connection Chain for Tracing Intruders , 2000, ESORICS.

[29]  Andreas Pfitzmann,et al.  Networks without user observability , 1987, Comput. Secur..