Abstract
In this study, we present a dynamic anonymity management model for communication networks that allows users to self-control their desired level of anonymity protection. Inspired by well-established closed-loop control systems, which continuously adjust parameters based on feedback, we incorporate similar feedback mechanisms into anonymous communication systems. With this continuous feedback mechanism, users can measure their current anonymity protection and take action (e.g., sending fake messages) to increase if their protection level is below than desired. Thereby, we distribute the task of anonymity protection between the user and the system. The experimental results demonstrate that the proposed model effectively achieves and maintains the desired level of anonymity protection.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
Readers who are not familiar with the MIX technique are provided with a simple model in Sect. 3.1 under Mix networks, which contains the information required to understand our work.
- 2.
We assume that implicit information is added to dummy messages, enabling only the recipient to efficiently recognize and delete them with minimal effort. A corresponding technique is detailed in [9].
References
Agrawal, D., Kesdogan, D.: Measuring anonymity: the disclosure attack. IEEE Secur. Privacy 1(06), 27–34 (2003). https://doi.org/10.1109/MSECP.2003.1253565
Aksoy, A., Kesdogan, D.: Effect of group based synchronization on user anonymity in mix networks. In: Proceedings of the 18th International Conference on Availability, Reliability and Security. ARES ’23. Association for Computing Machinery, New York, NY, USA (2023). https://doi.org/10.1145/3600160.3604998
Cai, X., Zhang, X.C., Joshi, B., Johnson, R.: Touching from a distance: website fingerprinting attacks and defenses. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security. CCS ’12, pp. 605–616. Association for Computing Machinery, New York, NY, USA (2012). https://doi.org/10.1145/2382196.2382260
Chaum, D.L.: Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM 24(2), 84–90 (1981)
Danezis, G., Dingledine, R., Mathewson, N.: Mixminion: design of a type iii anonymous remailer protocol. In: 2003 Symposium on Security and Privacy, pp. 2–15 (2003)
Danezis, G.: Statistical disclosure attacks. In: Gritzalis, D., De Capitani di Vimercati, S., Samarati, P., Katsikas, S. (eds.) SEC 2003. ITIFIP, vol. 122, pp. 421–426. Springer, Boston, MA (2003). https://doi.org/10.1007/978-0-387-35691-4_40
Diaz, C., Halpin, H., Kiayias, A.: The NYM network \(|\) the next generation of privacy infrastructure. https://nymtech.net/nym-whitepaper.pdf. Accessed 12 Apr 2023
Edman, M., Yener, B.: On anonymity in an electronic society: a survey of anonymous communication systems. ACM Comput. Surv. 42(1) (2009)
Farber, D., Larson, K.: Network security via dynamic process renaming. In: Fourth Data Communications Symposium, pp. 8–13 (1975)
Gaballah, S., Nguyen, T.H.L., Abdullah, L., Zimmer, E., Mühlhäuser, M.: Mitigating intersection attacks in anonymous microblogging. In: Proceedings of the 18th International Conference on Availability, Reliability and Security. ARES ’23, Association for Computing Machinery, New York, NY, USA (2023). https://doi.org/10.1145/3600160.3600166
Hayes, J., Troncoso, C., Danezis, G.: TASP: towards anonymity sets that persist. In: Proceedings of the 2016 ACM on Workshop on Privacy in the Electronic Society. WPES ’16, pp. 177–180. Association for Computing Machinery, New York, NY, USA (2016). https://doi.org/10.1145/2994620.2994635
van den Hooff, J., Lazar, D., Zaharia, M., Zeldovich, N.: Vuvuzela: Scalable private messaging resistant to traffic analysis. In: Proceedings of the 25th Symposium on Operating Systems Principles. SOSP ’15, pp. 137–152. Association for Computing Machinery, New York, NY, USA (2015). https://doi.org/10.1145/2815400.2815417
Kesdogan, D., Agrawal, D., Pham, V., Rautenbach, D.: Fundamental limits on the anonymity provided by the mix technique. In: 2006 IEEE Symposium on Security and Privacy (S P’06), pp. 14–99 (2006). https://doi.org/10.1109/SP.2006.17
Kesdogan, D., Buschkes, R.: Klassifizierung von Anonymisierungstechniken, pp. 321–332. Vieweg+Teubner Verlag, Wiesbaden (1999). https://doi.org/10.1007/978-3-322-89817-3_28
Kesdogan, D., Egner, J., Büschkes, R.: Stop- and- go-MIXes providing probabilistic anonymity in an open system. In: Aucsmith, D. (ed.) IH 1998. LNCS, vol. 1525, pp. 83–98. Springer, Heidelberg (1998). https://doi.org/10.1007/3-540-49380-8_7
Kesdogan, D., Pimenidis, L.: The hitting set attack on anonymity protocols. In: Fridrich, J. (ed.) IH 2004. LNCS, vol. 3200, pp. 326–339. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30114-1_23
Kwon, A., Lu, D., Devadas, S.: XRD: scalable messaging system with cryptographic privacy. In: NSDI (2020)
Mallesh, N., Wright, M.: Countering statistical disclosure with receiver-bound cover traffic. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 547–562. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74835-9_36
Mathewson, N., Dingledine, R.: Practical traffic analysis: extending and resisting statistical disclosure. In: Martin, D., Serjantov, A. (eds.) PET 2004. LNCS, vol. 3424, pp. 17–34. Springer, Heidelberg (2005). https://doi.org/10.1007/11423409_2
Matloff, N.: Introduction to discrete-event simulation and the simpy language. Davis, CA. Dept of Computer Science. University of California at Davis, 1–33 (2008). Retrieved 2 August 2009
Parekh, S.: Prospects for remailers. First Monday 1(2) (1996).https://doi.org/10.5210/fm.v1i2.476
Piotrowska, A.M., Hayes, J., Elahi, T., Meiser, S., Danezis, G.: The loopix anonymity system. In: 26th USENIX Security Symposium (USENIX Security 17), pp. 1199–1216. USENIX Association, Vancouver, BC (2017)
Shen, T., et al.: DAEnet: making strong anonymity scale in a fully decentralized network. IEEE Trans. Depend. Secure Comput. 19(4), 2286–2303 (2022). https://doi.org/10.1109/TDSC.2021.3052831
Tyagi, N., Gilad, Y., Leung, D., Zaharia, M., Zeldovich, N.: Stadium: a distributed metadata-private messaging system. In: Proceedings of the 26th Symposium on Operating Systems Principles. SOSP ’17, pp. 423–440. Association for Computing Machinery, New York, NY, USA (2017). https://doi.org/10.1145/3132747.3132783
Wolinsky, D.I., Syta, E., Ford, B.: Hang with your buddies to resist intersection attacks. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security. CCS ’13, pp. 1153–1166. Association for Computing Machinery, New York, NY, USA (2013). https://doi.org/10.1145/2508859.2516740
Acknowledgements
The first author would like to express gratitude to the Turkish Ministry of Education for funding his doctoral studies.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2025 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Aksoy, A., Kesdogan, D. (2025). Distributed Dynamic Self-control Anonymity Management Model. In: Martinelli, F., Rios, R. (eds) Security and Trust Management. STM 2024. Lecture Notes in Computer Science, vol 15235. Springer, Cham. https://doi.org/10.1007/978-3-031-76371-7_2
Download citation
DOI: https://doi.org/10.1007/978-3-031-76371-7_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-76370-0
Online ISBN: 978-3-031-76371-7
eBook Packages: Computer ScienceComputer Science (R0)Springer Nature Proceedings Computer Science
