Visible to the public How Far Can We Push Flow Analysis to Identify Encrypted Anonymity Network Traffic?

TitleHow Far Can We Push Flow Analysis to Identify Encrypted Anonymity Network Traffic?
Publication TypeConference Paper
Year of Publication2018
AuthorsShahbar, K., Zincir-Heywood, A. N.
Conference NameNOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium
Date Publishedapr
Keywordsanonymity, anonymity network users, Bandwidth, composability, cryptography, data privacy, dataset, encrypted anonymity network traffic, Encryption, flow analysis approach, Human Behavior, human factors, I2P, Internet, JonDonym, learning (artificial intelligence), machine learning, Metrics, Protocols, pubcrawl, resilience, Resiliency, telecommunication traffic, Tools, Tor, Traffic flow, traffic flow behavior, traffic flow Identification

Anonymity networks provide privacy to the users by relaying their data to multiple destinations in order to reach the final destination anonymously. Multilayer of encryption is used to protect the users' privacy from attacks or even from the operators of the stations. In this research, we showed how flow analysis could be used to identify encrypted anonymity network traffic under four scenarios: (i) Identifying anonymity networks compared to normal background traffic; (ii) Identifying the type of applications used on the anonymity networks; (iii) Identifying traffic flow behaviors of the anonymity network users; and (iv) Identifying / profiling the users on an anonymity network based on the traffic flow behavior. In order to study these, we employ a machine learning based flow analysis approach and explore how far we can push such an approach.

Citation KeyshahbarHowFarCan2018