This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Novel Packet Size-Based Covert Channel Attacks against Anonymizer
Dec. 2013 (vol. 62 no. 12)
pp. 2411-2426
Zhen Ling, Southeast University, Nanjing
Xinwen Fu, University of Massachusetts Lowell, Lowell
Weijia Jia, City University of Hong Kong, Hong Kong
Wei Yu, Towson University, Towson
Dong Xuan, Ohio State University, Columbus
Junzhou Luo, Southeast University, Nanjing
In this paper, we present a study on the anonymity of Anonymizer, a well-known commercial anonymous communication system. We discovered the architecture of Anonymizer and found that the size of web packets in the Anonymizer network can be very dynamic at the client. Motivated by this finding, we investigated a class of novel packet size-based covert channel attacks against Anonymizer. The attacker between a website and the Anonymizer server can manipulate the web packet size and embed secret signal symbols into the target traffic. An accomplice at the user side can sniff the traffic and recognize the secret signal. In this way, the anonymity provided by Anonymizer is compromised. We developed intelligent and robust algorithms to cope with the packet size distortion incurred by Anonymizer and Internet. We developed techniques to make the attack harder to detect: 1) We pick up right packets of web objects to manipulate to preserve the regularity of the TCP packet size dynamics, which can be measured by the Hurst parameter; 2) We adopt the Monte Carlo sampling technique to preserve the distribution of the web packet size despite manipulation. We have implemented the attack over Anonymizer and conducted extensive analytical and experimental evaluations. It is observed that the attack is highly efficient and requires only tens of packets to compromise the anonymous web surfing via Anonymizer. The experimental results are consistent with our theoretical analysis.
Index Terms:
Servers,Web sites,Monte Carlo methods,Computer architecture,Educational institutions,Electronic mail,TCP dynamics,Anonymizer,watermark
Citation:
Zhen Ling, Xinwen Fu, Weijia Jia, Wei Yu, Dong Xuan, Junzhou Luo, "Novel Packet Size-Based Covert Channel Attacks against Anonymizer," IEEE Transactions on Computers, vol. 62, no. 12, pp. 2411-2426, Dec. 2013, doi:10.1109/TC.2012.169
Usage of this product signifies your acceptance of the Terms of Use.