Evaluating Statistical Disclosure Attacks and Countermeasures for Anonymous Voice Calls
ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security
Article No.: 22, Pages 1 - 10
Abstract
Assuming a threat model of a global observer, statistical disclosure attacks have been proposed to efficiently de-anonymize communication relationships in text-based mix networks over time. It is commonly assumed that such attacks are also able to disclose call relationships in anonymous communication networks (ACNs) that support voice calls. One straightforward countermeasure is to expect users to permanently send and receive packets that mimic a Voice over IP (VoIP) call. However, this is not practical in real world scenarios, like on mobile devices. In this article, we adapt one specific statistical disclosure attack (Z-SDA-MD) to voice calls and quantitatively study less resource-intensive countermeasures. As base countermeasure, we evaluate a round-based communication model, corresponding to a timed mix. A simulation study of this scenario shows that the Z-SDA-MD is not well suited for a general disclosure of call relationships because of too many false positives. Nevertheless, the attack is able to correctly identify the most frequent relationships. Still, the accuracy in that regard may significantly be decreased by increasing the duration of one round, by decoupling actions (call setup and teardown) of caller and callee by a random number of rounds, and by occasional fake calls to a fixed set of “fake friends”. Overall, our study shows that anonymous voice calls may be implemented with an acceptable trade-off between anonymity, call setup time, and bandwidth overhead.
References
[1]
Ishtiyaque Ahmad, Yuntian Yang, Divyakant Agrawal, Amr El Abbadi, and Trinabh Gupta. 2021. Addra: Metadata-private Voice Communication over Fully Untrusted Infrastructure. In 15th USENIX Symposium on Operating Systems Design and Implementation (OSDI 21). 313–329. https://www.usenix.org/conference/osdi21/presentation/ahmad.
[2]
Imad Al Ajarmeh, James Yu, and Mohamed Amezziane. 2011. Framework for Modeling Call Holding Time for Voip Tandem Networks: Introducing the Call Cease Rate Function. In 2011 IEEE Global Telecommunications Conference-GLOBECOM 2011. IEEE, 1–6.
[3]
Yérom-David Bromberg, Quentin Dufour, Davide Frey, and Etienne Rivière. 2022. Donar: Anonymous VoIP over Tor. In 19th USENIX Symposium on Networked Systems Design and Implementation (NSDI 22). 249–265.
[4]
Chen Chen, Daniele E. Asoni, Adrian Perrig, David Barrera, George Danezis, and Carmela Troncoso. 2018. TARANET: Traffic-Analysis Resistant Anonymity at the Network Layer. In 2018 IEEE European Symposium on Security and Privacy (EuroS&P). 137–152. https://doi.org/10.1109/EuroSP.2018.00018
[5]
George Danezis and Carmela Troncoso. 2009. Vida: How to Use Bayesian Inference to De-anonymize Persistent Communications. In Privacy Enhancing Technologies. Vol. 5672. 56–72. https://doi.org/10.1007/978-3-642-03168-7_4
[6]
Roger Dingledine, Nick Mathewson, and Paul Syverson. 2004. Tor: The Second-Generation Onion Router. Technical Report. Naval Research Lab Washington DC.
[7]
Christian Franck and Uli Sorger. 2016. Untraceable VoIP Communication Based on DC-nets. (2016). https://doi.org/10.48550/ARXIV.1610.06549
[8]
Dogan Kesdogan, Dakshi Agrawal, and Stefan Penz. 2003. Limits of Anonymity in Open Environments. In Information Hiding. Vol. 2578. 53–69. https://doi.org/10.1007/3-540-36415-3_4
[9]
Dogan Kesdogan and Lexi Pimenidis. 2004. The Hitting Set Attack on Anonymity Protocols. In Information Hiding. Vol. 3200. 326–339. https://doi.org/10.1007/978-3-540-30114-1_23
[10]
David Lazar, Yossi Gilad, and Nickolai Zeldovich. 2019. Yodel: Strong Metadata Security for Voice Calls. In Proceedings of the 27th ACM Symposium on Operating Systems Principles. 211–224. https://doi.org/10.1145/3341301.3359648
[11]
Stevens Le Blond, David Choffnes, William Caldwell, Peter Druschel, and Nicholas Merritt. 2015. Herd: A Scalable, Traffic Analysis Resistant Anonymity Network for VoIP Systems. In Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication. 639–652. https://doi.org/10.1145/2785956.2787491
[12]
Nick Mathewson and Roger Dingledine. 2005. Practical Traffic Analysis: Extending and Resisting Statistical Disclosure. In Privacy Enhancing Technologies. Vol. 3424. 17–34. https://doi.org/10.1007/11423409_2
[13]
Jonathan Mayer, Patrick Mutchler, and John C. Mitchell. 2016. Evaluating the Privacy Properties of Telephone Metadata. Proceedings of the National Academy of Sciences 113, 20 (May 2016), 5536–5541. https://doi.org/10.1073/pnas.1508081113
[14]
Simon Oya, Carmela Troncoso, and Fernando Pérez-González. 2014. Do Dummies Pay Off? Limits of Dummy Traffic Protection in Anonymous Communications. In Privacy Enhancing Technologies. Vol. 8555. 204–223. https://doi.org/10.1007/978-3-319-08506-7_11
[15]
Fernando Perez-Gonzalez, Carmela Troncoso, and Simon Oya. 2014. A Least Squares Approach to the Static Traffic Analysis of High-Latency Anonymous Communication Systems. IEEE Transactions on Information Forensics and Security 9, 9 (Sept. 2014), 1341–1355. https://doi.org/10.1109/TIFS.2014.2330696
[16]
David Schatz, Michael Rossberg, and Guenter Schaefer. 2022. Hydra: Practical Metadata Security for Contact Discovery, Messaging, and Voice Calls. SN Computer Science 3, 5 (June 2022), 341. https://doi.org/10.1007/s42979-022-01231-9
[17]
Andrei Serjantov, Roger Dingledine, and Paul Syverson. 2003. From a Trickle to a Flood: Active Attacks on Several Mix Types. In Information Hiding. Vol. 2578. 36–52. https://doi.org/10.1007/3-540-36415-3_3
[18]
Piyush Kumar Sharma, Shashwat Chaudhary, Nikhil Hassija, Mukulika Maity, and Sambuddho Chakravarty. 2020. The Road Not Taken: Re-thinking the Feasibility of Voice Calling Over Tor. Proceedings on Privacy Enhancing Technologies 2020, 4 (Oct. 2020), 69–88. https://doi.org/10.2478/popets-2020-0063
[19]
Carmela Troncoso, Benedikt Gierlichs, Bart Preneel, and Ingrid Verbauwhede. 2008. Perfect Matching Disclosure Attacks. In Privacy Enhancing Technologies. Vol. 5134. 2–23. https://doi.org/10.1007/978-3-540-70630-4_2
[20]
András Varga and Rudolf Hornig. 2008. An Overview of the OMNeT++ Simulation Environment. In Proceedings of the First International ICST Conference on Simulation Tools and Techniques for Communications Networks and Systems. https://doi.org/10.4108/ICST.SIMUTOOLS2008.3027
Index Terms
- Evaluating Statistical Disclosure Attacks and Countermeasures for Anonymous Voice Calls
Recommendations
A survey on anonymous voice over IP communication: attacks and defenses
AbstractAnonymous voice over IP (VoIP) communication is important for many users, in particular, journalists, human rights workers and themilitary. Recent research work has shown an increasing interest in methods of anonymous VoIP communication. This ...
Protocol-level attacks against Tor
Tor is a real-world, circuit-based low-latency anonymous communication network, supporting TCP applications over the Internet. In this paper, we present an extensive study of protocol-level attacks against Tor. Different from existing attacks, the ...
Empirical tests of anonymous voice over IP
Voice over IP (VoIP) is an important service on the Internet, and privacy for VoIP calls will be increasingly important for many people. Providing this privacy, however, is challenging, as anonymity services can be slow and unpredictable. In this paper, ...
Comments
Information & Contributors
Information
Published In
August 2023
1440 pages
ISBN:9798400707728
DOI:10.1145/3600160
Copyright © 2023 Owner/Author.
This work is licensed under a Creative Commons Attribution-NonCommercial International 4.0 License.
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 29 August 2023
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Conference
ARES 2023
ARES 2023: The 18th International Conference on Availability, Reliability and Security
August 29 - September 1, 2023
Benevento, Italy
Acceptance Rates
Overall Acceptance Rate 228 of 451 submissions, 51%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 187Total Downloads
- Downloads (Last 12 months)162
- Downloads (Last 6 weeks)24
Reflects downloads up to 09 Nov 2024
Other Metrics
Citations
View Options
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML FormatGet Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in