Article

On the Effectiveness of Intersection Attacks in Anonymous Microblogging

Authors:

Sarah Abdelwahab Gaballah,

Lamya Abdullah,

Minh Tung Tran,

Ephraim Zimmer,

Max MühlhäuserAuthors Info & Claims

Secure IT Systems: 27th Nordic Conference, NordSec 2022, Reykjavic, Iceland, November 30–December 2, 2022, Proceedings

Pages 3 - 19

https://doi.org/10.1007/978-3-031-22295-5_1

Published: 30 November 2022 Publication History

Abstract

Intersection attacks, which are popular traffic analysis attacks, have been extensively studied in anonymous point-to-point communication scenarios. These attacks are also known to be challenging threats to anonymous group communication, e.g., microblogging. However, it remains unclear how powerful these attacks can be, especially when considering realistic user communication behavior. In this paper, we study the effectiveness of intersection attacks on anonymous microblogging systems utilizing Twitter and Reddit datasets. Our findings show that the attacks are effective regardless of whether users post their messages under pseudonyms or publish them to topics without attaching identifiers. Additionally, we observed that attacks are feasible under certain settings despite increasing userbase size, communication rounds’ length, cover traffic, or traffic delays.

References

[1]

Abraham, I., Pinkas, B., Yanai, A.: Blinder-scalable, robust anonymous committed broadcast. In: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, pp. 1233–1252 (2020)

[2]

Berthold O and Langos H Dingledine R and Syverson P Dummy traffic against long term intersection attacks Privacy Enhancing Technologies 2003 Heidelberg Springer 110-128

[3]

Cheng, R., et al.: Talek: private group messaging with hidden access patterns. In: Annual Computer Security Applications Conference, pp. 84–99 (2020)

[4]

Corrigan-Gibbs, H., et al.: Riposte: an anonymous messaging system handling millions of users. In: 2015 IEEE Symposium on Security and Privacy, pp. 321–338. IEEE (2015)

[5]

Corrigan-Gibbs, H., Ford, B.: Dissent: accountable anonymous group messaging. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 340–350 (2010)

[6]

Danezis G and Serjantov A Fridrich J Statistical disclosure or intersection attacks on anonymity systems Information Hiding 2004 Heidelberg Springer 293-308

[7]

Danezis G, Diaz C, and Troncoso C Borisov N and Golle P Two-sided statistical disclosure attack Privacy Enhancing Technologies 2007 Heidelberg Springer 30-44

[8]

Daubert J et al. Anonpubsub: anonymous publish-subscribe overlays Comput. Commun. 2016 76 42-53

[9]

Dixon, S.: Number of twitter users worldwide from 2019 to 2024. https://www.statista.com/statistics/303681/twitter-users-worldwide/ (2022)

[10]

Gaballah, S.A., et al.: 2PPS-publish/subscribe with provable privacy. In: 2021 40th International Symposium on Reliable Distributed Systems (SRDS), pp. 198–209. IEEE (2021)

[11]

Grube T, Thummerer M, Daubert J, and Mühlhäuser M Livraga G and Mitchell C Cover traffic: a trade of anonymity and efficiency Security and Trust Management 2017 Cham Springer 213-223

[12]

Hayes, J., Troncoso, C., Danezis, G.: TASP: towards anonymity sets that persist. In: Proceedings of the 2016 ACM on Workshop on Privacy in the Electronic Society, pp. 177–180 (2016)

[13]

Karissa, M., et al.: Truthy: enabling the study of online social networks. In: Proceedings 16th ACM Conference on Computer Supported Cooperative Work and Social Computing Companion (CSCW) (2013)

[14]

Kedogan D, Agrawal D, and Penz S Petitcolas FAP Limits of anonymity in open environments Information Hiding 2003 Heidelberg Springer 53-69

[15]

Kwon A et al. Riffle: an efficient communication system with strong anonymity Proc. Priv. Enhancing Technol. 2016 2016 2 115-134

[16]

Kwon, A., et al.: Atom: horizontally scaling strong anonymity. In: Proceedings of the 26th Symposium on Operating Systems Principles, pp. 406–422 (2017)

[17]

Madani, S.: Improving security and efficiency of mix-based anonymous communication systems. PhD thesis, RMIT University (2015)

[18]

Martiny, I., et al.: Improving signal’s sealed sender. In: The Internet Society, NDSS (2021)

[19]

McKelvey, K., et al.: Design and prototyping of a social media observatory. In: Proceedings of the 22nd International Conference on World Wide Web Companion, WWW 2013 Companion, pp. 1351–1358 (2013)

[20]

Newman, Z., et al.: Spectrum: high-bandwidth anonymous broadcast with malicious security. Cryptol. ePrint Arch. (2021)

[21]

Pfitzmann, A., Hansen, M.: A terminology for talking about privacy by data minimization: anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management (2010)

[22]

Piotrowska, A.M.: Studying the anonymity trilemma with a discrete-event mix network simulator. In: Proceedings of the 20th Workshop on Workshop on Privacy in the Electronic Society, pp. 39–44 (2021)

[23]

Portela J et al. Disclosing user relationships in email networks J. Supercomput. 2016 72 10 3787-3800

[24]

Thorbecke, C.: Facebook says government requests for user data have reached all-time high. https://abcnews.go.com/Business/facebook-government-requests-user-data-reached-time-high/story?id=66981424 (2019)

[25]

Troncoso C, Gierlichs B, Preneel B, and Verbauwhede I Borisov N and Goldberg I Perfect matching disclosure attacks Privacy Enhancing Technologies 2008 Heidelberg Springer 2-23

[26]

Trujillo AGS, Orozco ALS, Villalba LJG, and Kim T-H A traffic analysis attack to compute social network measures Multimed. Tools Appl. 2019 78 21 29731-29745

[27]

Wolinsky, D., et al.: Hang with your buddies to resist intersection attacks. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 1153–1166 (2013)

[28]

Xu, T., Chen, Y., Fu, X., Hui, P.: Twittering by cuckoo: decentralized and socio-aware online microblogging services. In: Proceedings of the ACM SIGCOMM 2010 Conference, pp. 473–474 (2010)

Cited By

Gaballah SAbdullah LMühlhäuser MMarky K(2024)Let the Users Choose: Low Latency or Strong Anonymity? Investigating Mix Nodes with Paired Mixing TechniquesProceedings of the 19th International Conference on Availability, Reliability and Security10.1145/3664476.3664516(1-11)Online publication date: 30-Jul-2024
https://dl.acm.org/doi/10.1145/3664476.3664516
Gaballah SNguyen TAbdullah LZimmer EMühlhäuser M(2023)Mitigating Intersection Attacks in Anonymous MicrobloggingProceedings of the 18th International Conference on Availability, Reliability and Security10.1145/3600160.3600166(1-11)Online publication date: 29-Aug-2023
https://dl.acm.org/doi/10.1145/3600160.3600166
Roßberger MKesdoğan D(2023)Smart Noise Detection for Statistical Disclosure AttacksSecure IT Systems10.1007/978-3-031-47748-5_6(87-103)Online publication date: 16-Nov-2023
https://dl.acm.org/doi/10.1007/978-3-031-47748-5_6

Index Terms

On the Effectiveness of Intersection Attacks in Anonymous Microblogging
1. Security and privacy
  1. Network security

Index terms have been assigned to the content through auto-classification.

Recommendations

Mitigating Intersection Attacks in Anonymous Microblogging
ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security

Anonymous microblogging systems are known to be vulnerable to intersection attacks due to network churn. An adversary that monitors all communications can leverage the churn to learn who is publishing what with increasing confidence over time. In this ...
An Analysis of Attacks against Anonymous Communication Networks
SECTECH '14: Proceedings of the 2014 7th International Conference on Security Technology

Anonymous communication system has been hot topic in the field of information security, and attack techniques against anonymous systems are endless. This paper classifies and summarizes the study of attacks against anonymous communication system in ...
Analyzing the Effectiveness of DoS Attacks on Tor
SIN '14: Proceedings of the 7th International Conference on Security of Information and Networks

Anonymous communication networks (ACNs) are one of the main building blocks of protecting online privacy. However, such systems have often to deal with performance problems and are also not resilient against attacks. We survey the effect of denial-of-...

Comments

Information & Contributors

Information

Published In

cover image Guide Proceedings

Secure IT Systems: 27th Nordic Conference, NordSec 2022, Reykjavic, Iceland, November 30–December 2, 2022, Proceedings

Nov 2022

389 pages

ISBN:978-3-031-22294-8

DOI:10.1007/978-3-031-22295-5

Editors:
Hans P. Reiser
Reykjavik University, Reykjavik, Iceland
,
Marcel Kyas
Reykjavik University, Reykjavik, Iceland

© The Author(s), under exclusive license to Springer Nature Switzerland AG 2022.

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 30 November 2022

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 18 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Gaballah SAbdullah LMühlhäuser MMarky K(2024)Let the Users Choose: Low Latency or Strong Anonymity? Investigating Mix Nodes with Paired Mixing TechniquesProceedings of the 19th International Conference on Availability, Reliability and Security10.1145/3664476.3664516(1-11)Online publication date: 30-Jul-2024
https://dl.acm.org/doi/10.1145/3664476.3664516
Gaballah SNguyen TAbdullah LZimmer EMühlhäuser M(2023)Mitigating Intersection Attacks in Anonymous MicrobloggingProceedings of the 18th International Conference on Availability, Reliability and Security10.1145/3600160.3600166(1-11)Online publication date: 29-Aug-2023
https://dl.acm.org/doi/10.1145/3600160.3600166
Roßberger MKesdoğan D(2023)Smart Noise Detection for Statistical Disclosure AttacksSecure IT Systems10.1007/978-3-031-47748-5_6(87-103)Online publication date: 16-Nov-2023
https://dl.acm.org/doi/10.1007/978-3-031-47748-5_6

View Options

View options

Figures

Tables

Media

View Table of Conten