On the effectiveness of low latency anonymous network in the presence of timing attack

Abstract

In this paper, we introduce a novel metric that can quantitatively measure the practical effectiveness (i.e. anonymity) of all anonymous networks in the presence of timing attack. Our metric is based on a novel measurement of the distortion of the packet timing between the incoming and the outgoing flows to and from the anonymous network and it uses wavelet based analysis to measure the variability of the distortion. To the best of our knowledge, our approach is the first practical method that can quantitatively measure the packet timing distortion between flows that may have gone through such transformations as flow mixing/spliting/merging, adding chaff, packet dropping. To validate our anonymity metric, we have conducted real-time timing attacks on various deployed anonymous networks such as Tor, anonymizer.com and have used the timing attack results as the ground truth for validating our anonymity metric. We have found strong correlation between our anonymity metric and the timing attack results. Our metric measurements and timing attack results show that the circuit rotation in Tor network could significantly increase its resistance to timing attack at the cost of more timing disturbances to the normal users. In addition, we have found that adding constant rate chaff (i.e. cover traffic) has diminishing effect in anonymizing packet flows.