MorphIT: Morphing Packet Reports for Internet Transparency

Open access


Can we improve Internet transparency without worsening user anonymity? For a long time, researchers have been proposing transparency systems, where traffic reports produced at strategic network points help assess network behavior and verify service-level agreements or neutrality compliance. However, such reports necessarily reveal when certain traffic appeared at a certain network point, and this information could, in principle, be used to compromise low-latency anonymity networks like Tor. In this paper, we examine whether more Internet transparency necessarily means less anonymity. We start from the information that a basic transparency solution would publish about a network and study how that would impact the anonymity of the network’s users. Then we study how to change, in real time, the time granularity of traffic reports in order to preserve both user anonymity and report utility. We evaluate with real and synthetic data and show that our algorithm can offer a good anonymity/utility balance, even in adversarial scenarios where aggregates consist of very few flows.

If the inline PDF is not rendering correctly, you can download the PDF file here.

  • [1] AT&T SLA.

  • [2] CAIDA Traces.

  • [3] Comcast SLA for Wholesale Dedicated Internet.

  • [4] Comcast vs. Netflix: Is this really about Net neutrality?

  • [5] Net neutrality by country.

  • [6] Tor: Anonymity Online.

  • [7] Mohammad Alaggan Mathieu Cunche and Sébastien Gambs. Privacy-preserving Wi-Fi Analytics. Proceedings on Privacy Enhancing Technologies 2018(2):4–26 2018.

  • [8] David G Andersen Hari Balakrishnan Nick Feamster Teemu Koponen Daekyeong Moon and Scott Shenker. Accountable internet protocol (aip). In ACM SIGCOMM Computer Communication Review volume 38 pages 339–350. ACM 2008.

  • [9] Katerina Argyraki Petros Maniatis David Cheriton and Scott Shenker. Providing packet obituaries. In ACM HotNets-III 2004.

  • [10] Katerina Argyraki Petros Maniatis Olga Irzak Subramanian Ashish and Scott Shenker. Loss and delay accountability for the Internet. In 2007 IEEE International Conference on Network Protocols(ICNP) pages 194–205. IEEE 2007.

  • [11] Katerina Argyraki Petros Maniatis and Ankit Singla. Verifiable network-performance measurements. In Proceedings of the 6th International COnference Co-NEXT ’10 pages 1:1–1:12 New York NY USA 2010. ACM.

  • [12] Boaz Barak Sharon Goldberg and David Xiao. Protocols and lower bounds for failure localization in the Internet. In Annual International Conference on the Theory and Applications of Cryptographic Techniques pages 341–360. Springer 2008.

  • [13] Martin Burkhart Mario Strasser Dilip Many and Xenofontas Dimitropoulos. Sepia: Privacy-preserving aggregation of multi-domain network events and statistics. In Proceedings of the 19th USENIX Conference on Security USENIX Security’10 pages 15–15 Berkeley CA USA 2010. USENIX Association.

  • [14] Sambuddho Chakravarty Marco V Barbera Georgios Portokalidis Michalis Polychronakis and Angelos D Keromytis. On the effectiveness of traffic analysis against anonymity networks using flow records. In International conference on passive and active network measurement pages 247–257. Springer 2014.

  • [15] Ruichuan Chen Alexey Reznichenko Paul Francis and Johanes Gehrke. Towards statistical queries over distributed private user data. In Presented as part of the 9th USENIX Symposium on Networked Systems Design and Implementation (NSDI 12) pages 169–182 San Jose CA 2012. USENIX.

  • [16] David Clark. The design philosophy of the DARPA Internet protocols. ACM SIGCOMM Computer Communication Review 18(4):106–114 1988.

  • [17] George Danezis. The traffic analysis of continuous-time mixes. In International Workshop on Privacy Enhancing Technologies pages 35–50. Springer 2004.

  • [18] Goulet David Johnson Aaron Kadianakis George and Loesing Karsten. Hidden-service statistics reported by relays. Tech. rep. The Tor Project Inc. 2015.

  • [19] Cynthia Dwork Krishnaram Kenthapadi Frank McSherry Ilya Mironov and Moni Naor. Our data ourselves: Privacy via distributed noise generation. In Advances in Cryptology (EUROCRYPT 2006) volume 4004 page 486–503 Saint Petersburg Russia May 2006. Springer Verlag.

  • [20] Cynthia Dwork Frank McSherry Kobbi Nissim and Adam Smith. Calibrating noise to sensitivity in private data analysis. In Theory of Cryptography Conference pages 265–284. Springer 2006.

  • [21] Cynthia Dwork Moni Naor Toniann Pitassi Guy Rothblum and Sergey Yekhanin. Pan-private streaming algorithms. In Proceedings of The First Symposium on Innovations in Computer Science (ICS 2010). Tsinghua University Press January 2010.

  • [22] Tariq Elahi George Danezis and Ian Goldberg. PrivEx: Private Collection of Traffic Statistics for Anonymous Communication Networks. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security CCS ’14 pages 1068–1079 New York NY USA 2014. ACM.

  • [23] Úlfar Erlingsson Vasyl Pihur and Aleksandra Korolova. Rappor: Randomized aggregatable privacy-preserving ordinal response. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security CCS ’14 pages 1054–1067 New York NY USA 2014. ACM.

  • [24] Sharon Goldberg David Xiao Eran Tromer Boaz Barak and Jennifer Rexford. Path-quality monitoring in the presence of adversaries. In Proceedings of the 2008 ACM SIGMETRICS International Conference on Measurement and Modeling of Computer Systems SIGMETRICS ’08 pages 193–204 New York NY USA 2008. ACM.

  • [25] Amir Houmansadr and Nikita Borisov. The need for flow fingerprints to link correlated network flows. In International Symposium on Privacy Enhancing Technologies Symposium pages 205–224. Springer 2013.

  • [26] Rob Jansen and Aaron Johnson. Safely Measuring Tor. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security CCS ’16 pages 1553–1567 New York NY USA 2016. ACM.

  • [27] Aaron Johnson Chris Wacek Rob Jansen Micah Sherr and Paul Syverson. Users get routed: Traffic correlation on tor by realistic adversaries. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security pages 337–348. ACM 2013.

  • [28] Thomas Karagiannis Mart Molle Michalis Faloutsos and Andre Broido. A nonstationary Poisson view of Internet traffic. In INFOCOM 2004. Twenty-third AnnualJoint Conference of the IEEE Computer and Communications Societies volume 3 pages 1558–1569. IEEE 2004.

  • [29] Stevens Le Blond David Choffnes Wenxuan Zhou Peter Druschel Hitesh Ballani and Paul Francis. Towards efficient traffic-analysis resistant anonymity networks. In ACM SIGCOMM Computer Communication Review volume 43 pages 303–314. ACM 2013.

  • [30] Frank D McSherry. Privacy integrated queries: an extensible platform for privacy-preserving data analysis. In Proceedings of the 2009 ACM SIGMOD International Conference on Management of data pages 19–30. ACM 2009.

  • [31] Steven J Murdoch and Piotr Zieliński. Sampled traffic analysis by internet-exchange-level adversaries. In International Workshop on Privacy Enhancing Technologies pages 167–183. Springer 2007.

  • [32] David Naylor Matthew K Mukerjee and Peter Steenkiste. Balancing accountability and privacy in the network. In ACM SIGCOMM Computer Communication Review volume 44 pages 75–86. ACM 2014.

  • [33] Andreas Pfitzmann and Marit Köhntopp. Anonymity unobservability and pseudonymity – a proposal for terminology. In Designing privacy enhancing technologies pages 1–9. Springer 2001.

  • [34] Vibhor Rastogi and Suman Nath. Differentially private aggregation of distributed time-series with transformation and encryption. In Proceedings of the 2010 ACM SIGMOD International Conference on Management of data pages 735–746. ACM 2010.

  • [35] Vitaly Shmatikov and Ming-Hsiu Wang. Timing analysis in low-latency mix networks: Attacks and defenses. In European Symposium on Research in Computer Security pages 18–33. Springer 2006.

  • [36] Charles V Wright Scott E Coull and Fabian Monrose. Traffic morphing: An efficient defense against statistical traffic analysis. In NDSS volume 9 2009.

  • [37] Andrew C Yao. Protocols for secure computations. In Foundations of Computer Science 1982. SFCS’08. 23rd Annual Symposium on pages 160–164. IEEE 1982.

  • [38] Xin Zhang Hsu-Chun Hsiao Geoffrey Hasker Haowen Chan Adrian Perrig and David G Andersen. SCION: Scalability control and isolation on next-generation networks. In Security and Privacy (SP) 2011 IEEE Symposium on pages 212–227. IEEE 2011.

  • [39] Xin Zhang Abhishek Jain and Adrian Perrig. Packet-dropping adversary identification for data plane security. In Proceedings of the 2008 ACM CoNEXT Conference CoNEXT ’08 pages 24:1–24:12 New York NY USA 2008. ACM.

  • [40] Xin Zhang Chang Lan and Adrian Perrig. Secure and scalable fault localization under dynamic traffic patterns. In Security and Privacy (SP) 2012 IEEE Symposium on pages 317–331. IEEE 2012.

  • [41] Xin Zhang Zongwei Zhou Hsu-Chun Hsiao Tiffany Hyun-Jin Kim Adrian Perrig and Patrick Tague. Shortmac: Efficient data-plane fault localization. In NDSS 2012.

Journal information
All Time Past Year Past 30 Days
Abstract Views 0 0 0
Full Text Views 493 493 123
PDF Downloads 300 300 93