Breaking the Collusion Detection Mechanism of MorphMix

  • Parisa Tabriz
  • Nikita Borisov
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4258)


MorphMix is a peer-to-peer circuit-based mix network designed to provide low-latency anonymous communication. MorphMix nodes incrementally construct anonymous communication tunnels based on recommendations from other nodes in the system; this P2P approach allows it to scale to millions of users. However, by allowing unknown peers to aid in tunnel construction, MorphMix is vulnerable to colluding attackers that only offer other attacking nodes in their recommendations. To avoid building corrupt tunnels, MorphMix employs a collusion detection mechanism to identify this type of misbehavior. In this paper, we challenge the assumptions of the collusion detection mechanism and demonstrate that colluding adversaries can compromise a significant fraction of all anonymous tunnels, and in some cases, a majority of all tunnels built. Our results suggest that mechanisms based solely on a node’s local knowledge of the network are not sufficient to solve the difficult problem of detecting colluding adversarial behavior in a P2P system and that more sophisticated schemes may be needed.


Malicious Node Exponential Weighted Moving Average Virtual Link Tunnel Construction Tunnel Length 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    eDonkey File Sharing System (2003)Google Scholar
  2. 2.
    Berthold, O., Federrath, H., Köpsell, S.: Web MIXes: A System for Anonymous and Unobservable Internet Access. In: Workshop on Design Issues in Anonymity and Unobservability, pp. 115–129 (2000)Google Scholar
  3. 3.
    Bhagwan, R., Savage, S., Voelker, G.: Understanding Availability. In: 2nd International Workshop on Peer-to-Peer Systems (2003)Google Scholar
  4. 4.
    Chaum, D.: Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. Communications of the ACM 24(2), 84–88 (1981)CrossRefGoogle Scholar
  5. 5.
    Cornelli, F., Damiani, E., De Capitani diVimercati, S., Paraboschi, S., Samarati, P.: Choosing Reputable Servents in a P2P Network. In: WWW, pp. 376–386 (2002)Google Scholar
  6. 6.
    Danezis, G., Dingledine, R., Mathewson, N.: Mixminion: Design of a Type III Anonymous Remailer Protocol. In: Proceedings of the 2003 Symposium on Security and Privacy, pp. 2–15. IEEE Computer Society, Los Alamitos (2003)Google Scholar
  7. 7.
    Daswani, N., Garcia-Molina, H.: Pong-cache poisoning in GUESS. In: 11th ACM Conference on Computer and Communications Security (2004)Google Scholar
  8. 8.
    Dingledine, R., Mathewson, N., Syverson, P.F.: Tor: The Second-Generation Onion Router. In: USENIX Security Symposium, pp. 303–320 (2004)Google Scholar
  9. 9.
    Douceur: The Sybil Attack. In: International Workshop on Peer-to-Peer Systems (IPTPS). LNCS, vol. 1, Springer, Heidelberg (1973)Google Scholar
  10. 10.
    Freedman, Morris: Tarzan: A Peer-to-Peer Anonymizing Network Layer. In: SIGSAC: 9th ACM Conference on Computer and Communications Security. ACM SIGSAC (2002)Google Scholar
  11. 11.
    Kamvar, S.D., Schlosser, M.T., Garcia-Molina, H.: The Eigentrust Algorithm for Reputation Management in P2P Networks. In: WWW, pp. 640–651 (2003)Google Scholar
  12. 12.
    Levine, B.N., Shields, C.: Hordes: a Multicast-Based Protocol for Anonymity. Journal of Computer Security 10(3), 213–240 (2002)Google Scholar
  13. 13.
    Murdoch, S.J., Danezis, G.: Low-Cost Traffic Analysis of Tor. In: IEEE Symposium on Security and Privacy, pp. 183–195 (2005)Google Scholar
  14. 14.
    Newsome, J., Shi, E., Song, D., Perrig, A.: The Sybil Attack in Sensor Networks: Analysis & Defenses. In: Proceedings of the Third International Symposium on Information Processing in Sensor Networks (IPSN 2004), April 26–27, pp. 259–268. ACM Press, New York (2004)CrossRefGoogle Scholar
  15. 15.
    Page, L., Brin, S., Motwani, R., Winograd, T.: The PageRank Citation Ranking: Bringing Order to the Web. Technical Report SIDL-WP-1999-0120, Stanford University (November 1999)Google Scholar
  16. 16.
    Reiter, Rubin: Crowds: Anonymity for Web Transactions. ACMTISS: ACM Transactions on Information and System Security 1 (1998)Google Scholar
  17. 17.
    Rennhard, M., Plattner, B.: Practical Anonymity for the Masses with MorphMix. In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 233–250. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  18. 18.
    Rennhard, M.: PhD thesis, Swiss Federal Institute of Technology ZurichGoogle Scholar
  19. 19.
    Rennhard, M.: MorphMix prototype v0.1 (2004)Google Scholar
  20. 20.
    Rennhard, M., Plattner, B.: Introducing MorphMix: Peer-to-Peer Based Anonymous Internet Usage with Collusion Detection. In: WPES, pp. 91–102 (2002)Google Scholar
  21. 21.
    Walsh, K., Sirer, E.G.: Fighting Peer-to-Peer SPAM and Decoys with Object Reputation. In: Proceedings of the Third Workshop on the Economics of Peer-to-Peer Systems (P2PECON) (2005)Google Scholar
  22. 22.
    Zhang, Goel, Govindan, Mason, Van Roy: Making Eigenvector-Based Reputation Systems Robust to Collusion. In: Optimization Techniques 1973. LNCS, vol. 3, Springer, Heidelberg (1973)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Parisa Tabriz
    • 1
  • Nikita Borisov
    • 1
  1. 1.University of Illinois at Urbana-Champaign 

Personalised recommendations