Open Access Open Access  Restricted Access Subscription or Fee Access

Correlation-Based Traffic Analysis Attacks on Anonymity Networks

R. Gopinath, J. Balakumar, R. Gnanakumaran, M. Manikandaprabu


Mixes have been used in many anonymous communication systems and are supposed to provide countermeasures to defeat traffic analysis attacks. In this project, we focus on a particular class of traffic analysis attacks, flow correlation attacks, by which an adversary attempts to analyze the network traffic and correlate the traffic of a flow over an input link with that over an output link. Two classes of correlation methods are considered, namely time-domain methods and frequency-domain methods. Based on our threat model and known strategies in existing mix networks, we perform extensive experiments to analyze the performance of mixes. We find that all but a few batching strategies fail against flow-correlation attacks, allowing the adversary to either identify ingress or egress points of a flow or to reconstruct the path used by the flow. Counter intuitively, some batching strategies are actually detrimental against attacks. The empirical results provided in this project give an indication to designers of Mix networks about appropriate configurations and mechanisms to be used to counter flow-correlation attacks.


Privacy, Mixes, Anonymity, Anonymous Communication, Flow-Correlation Attack.

Full Text:



D. Chaum, “Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms,” Comm. ACM, vol. 24, no. 2, pp. 84-90, Feb.1981.

A. Serjantov and G. Danezis, “Towards an Information Theoretic Metric for Anonymity,” Proc. Privacy Enhancing Technologies Workshop (PET ’02), R. Dingledine and P. Syverson, eds., pp. 41-53, Apr. 2002.

C. Dı´az, S. Seys, J. Claessens, and B. Preneel, “Towards Measuring Anonymity,” Proc. Privacy Enhancing Technologies Workshop (PET ’02), R. Dingledine and P. Syverson, eds., pp. 54-68, Apr. 2002.

Y. Zhu and R. Bettati, “Anonymity vs. Information Leakage in Anonymity Systems,” Proc. 25th IEEE Int’l Conf. Distributed Computing Systems (ICDCS ’05), pp. 514-524, 2005.

O.R.D. Achives, “Link Padding and the Intersection ttack,”, 2002. [6] P.F. Syverson, D.M. Goldschlag, and M.G. Reed, “AnonymousConnections and Onion Routing,” Proc. IEEE Symp. Security and Privacy, pp. 44-54, 1997.

R. Dingledine, N. Mathewson, and P. Syverson, “Tor: The Second-Generation Onion Router,” Proc. 13th USENIX Security Symp, pp. 303-320, Aug. 2004.

M.K. Reiter and A.D. Rubin, “Crowds: Anonymity for Web Transactions,” ACM Trans. Information and System Security, vol. 1, no. 1, pp. 66-92, 1998.

K. Suh, D.R. Figueiredo, J. Kurose, and D. Towsley, “Characterizing and Detecting Skype-Relayed Traffic,” Proc. 25th IEEE INFOCOM ’06, pp. 1-12, Apr. 2006.

Y.J. Pyun, Y.H. Park, X. Wang, D.S. Reeves, and P. Ning, “Tracing Traffic through Intermediate Hosts that Repacketize Flows,” Proc. 26th IEEE INFOCOM ’07, pp. 634-642, May 2007.


  • There are currently no refbacks.

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.