A survey on privacy: Terminology, mechanisms and attacks

Privacy is considered as one of the hottest issues in nowadays communication research areas. It focuses on protecting the content of the transmitted data and on preserving the contextual information such as the identity of the communicating entities. This paper presents an overview of research done in this area in order to build a foundation that helps the research community to understand more the privacy concept and issues. We start by defining the privacy and classifying its requirements in two categories: content-oriented privacy and contextual privacy. We concentrate particularly on contextual privacy by identifying its properties. We also expose a taxonomy according to the type of transferred messages. An analysis of privacy protocols and systems described in the literature is then performed, followed by a description of privacy attacks. Based on the compromised privacy requirements, we propose a new expressive and precise classification of attacks. It is more adapted to privacy context and helps to identify areas of remaining weaknesses that require additional work. Moreover, we describe various attacks against privacy. Finally, we highlight the future research directions in this area.

[1]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[2]  David Chaum,et al.  Blind Signatures for Untraceable Payments , 1982, CRYPTO.

[3]  Andreas Pfitzmann,et al.  Networks without user observability , 1987, Comput. Secur..

[4]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[5]  Paul F. Syverson,et al.  Anonymous connections and onion routing , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[6]  Michael K. Reiter,et al.  Crowds: anonymity for Web transactions , 1998, TSEC.

[7]  Roger Dingledine,et al.  The Free Haven Project: Distributed Anonymous Storage Service , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[8]  Jean-François Raymond,et al.  Traffic Analysis: Protocols, Attacks, Design Issues, and Open Problems , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[9]  R. Younglove Virtual private networks - how they work , 2000 .

[10]  Anton Stiglic,et al.  Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems , 2001, Information Hiding.

[11]  George Danezis,et al.  Statistical Disclosure Attacks , 2003, SEC.

[12]  Qi Wang,et al.  On the privacy preserving properties of random data perturbation techniques , 2003, Third IEEE International Conference on Data Mining.

[13]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[14]  David Chaum,et al.  The dining cryptographers problem: Unconditional sender and recipient untraceability , 1988, Journal of Cryptology.

[15]  Don Towsley,et al.  On the Analysis of the Predecessor Attack on Anonymity Systems , 2004 .

[16]  Aravind Srinivasan,et al.  P/sup 5/ : a protocol for scalable anonymous communication , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[17]  Wade Trappe,et al.  Enhancing Source-Location Privacy in Sensor Network Routing , 2005, ICDCS.

[18]  Claudia Díaz Anonymity Metrics Revisited , 2005, Anonymous Communication and its Applications.

[19]  Riccardo Bettati,et al.  On Flow Marking Attacks in Wireless Anonymous Communication Networks , 2005, 25th IEEE International Conference on Distributed Computing Systems (ICDCS'05).

[20]  Fillia Makedon,et al.  Entrapping adversaries for source protection in sensor networks , 2006, 2006 International Symposium on a World of Wireless, Mobile and Multimedia Networks(WoWMoM'06).

[21]  Renyi Xiao,et al.  Survey on Anonymity in Unstructured Peer-to-Peer Systems , 2008, Journal of Computer Science and Technology.

[22]  Xiaodong Lin,et al.  Sage: a strong privacy-preserving scheme against global eavesdropping for ehealth systems , 2009, IEEE Journal on Selected Areas in Communications.

[23]  Tung-Shou Chen,et al.  A Novel Hybrid Protection Technique of Privacy-Preserving Data Mining and Anti-Data Mining , 2010 .

[24]  Jie Wu,et al.  Survey on anonymous communications in computer networks , 2010, Comput. Commun..

[25]  Yunhao Liu,et al.  Rumor Riding: Anonymizing Unstructured Peer-to-Peer Systems , 2006, IEEE Transactions on Parallel and Distributed Systems.

[26]  Zhifeng Xiao,et al.  Security and Privacy in Cloud Computing , 2013, IEEE Communications Surveys & Tutorials.

[27]  A. Maslow A Theory of Human Motivation , 1943 .

[28]  Mauro Conti,et al.  Cache Privacy in Named-Data Networking , 2013, 2013 IEEE 33rd International Conference on Distributed Computing Systems.

[29]  Seog Chung Seo,et al.  A privacy-preserving approach in content centric , 2014, 2014 IEEE 11th Consumer Communications and Networking Conference (CCNC).

[30]  Jorge Sá Silva,et al.  Security for the Internet of Things: A Survey of Existing Protocols and Open Research Issues , 2015, IEEE Communications Surveys & Tutorials.

[31]  Xiaodong Lin,et al.  A Threshold Anonymous Authentication Protocol for VANETs , 2016, IEEE Transactions on Vehicular Technology.