Preventing Attacks on Anonymous Data Collection
Alex Catarineu, Philipp Claßen, Konark Modi, and Josep M. Pujol

TL;DR
This paper introduces a privacy-preserving rate-limiting mechanism for anonymous data collection systems to prevent malicious data injection, leveraging cryptographic primitives and achieving high throughput with low latency.
Contribution
It proposes a novel rate-limiting approach based on Direct Anonymous Attestation that maintains user anonymity while detecting and dropping malicious messages.
Findings
Achieves up to 125 messages/sec for senders
Achieves up to 140 messages/sec for collectors
Latency is bounded at 4 seconds at the 95th percentile when sending over Tor
Abstract
Anonymous data collection systems allow users to contribute the data necessary to build services and applications while preserving their privacy. Anonymity, however, can be abused by malicious agents aiming to subvert or to sabotage the data collection, for instance by injecting fabricated data. In this paper we propose an efficient mechanism to rate-limit an attacker without compromising the privacy and anonymity of the users contributing data. The proposed system builds on top of Direct Anonymous Attestation, a proven cryptographic primitive. We describe how a set of rate-limiting rules can be formalized to define a normative space in which messages sent by an attacker can be linked, and consequently, dropped. We present all components needed to build and deploy such protection on existing data collection systems with little overhead. Empirical evaluation yields performance up to 125…
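The abstract describes the core idea only in outline: each rate-limiting rule defines a scope in which messages from the same sender become linkable, so a collector can count them and drop the excess, while messages in different scopes stay unlinkable. The following simulation is an added example, not code from the paper or its authors. It stands in for the Direct Anonymous Attestation basename pseudonym with an HMAC keyed by a per-user secret (an assumption made so the example runs offline; real DAA derives the pseudonym from a pairing-based signature and also proves group membership, which this toy omits). The quota values, message types and the `basename_for`, `sign_message` and `Collector` names are constructed for illustration.

```python
import hashlib
import hmac
from collections import defaultdict

# Constructed rate-limiting rule: how many messages of each type one sender may
# contribute per epoch (placeholder values, not taken from the paper).
QUOTAS = {"page-visit": 1, "search-query": 5}


def basename_for(msg_type: str, epoch: int) -> str:
    """Map a message to the scope its rate-limiting rule defines.

    Two messages share a scope (a basename) exactly when the rule says they
    should be linkable; here: same message type within the same time epoch.
    """
    return f"{msg_type}|epoch={epoch}"


def pseudonym(user_secret: bytes, basename: str) -> str:
    """Stand-in for the DAA basename pseudonym (assumption of this example).

    In DAA, signing under a basename yields a value that is identical for one
    credential and basename, yet unlinkable across basenames and to the user's
    identity. An HMAC over the basename keyed by a per-user secret reproduces
    those two properties for the simulation; it is NOT a DAA signature.
    """
    return hmac.new(user_secret, basename.encode(), hashlib.sha256).hexdigest()


def sign_message(user_secret: bytes, msg_type: str, epoch: int, payload: str) -> dict:
    """Sender side: attach the pseudonym for the message's scope."""
    bn = basename_for(msg_type, epoch)
    return {"type": msg_type, "epoch": epoch, "payload": payload,
            "pseudonym": pseudonym(user_secret, bn)}


class Collector:
    """Collector side: count messages per (scope, pseudonym) and drop the excess."""

    def __init__(self, quotas: dict):
        self.quotas = quotas
        self.counts = defaultdict(int)  # (basename, pseudonym) -> messages seen

    def accept(self, msg: dict) -> bool:
        bn = basename_for(msg["type"], msg["epoch"])
        key = (bn, msg["pseudonym"])
        self.counts[key] += 1
        # Unknown message types default to a quota of 1 (assumption of this example).
        return self.counts[key] <= self.quotas.get(msg["type"], 1)


def simulate() -> dict:
    """One honest sender and one flooding sender; returns the collector's decisions."""
    collector = Collector(QUOTAS)
    honest = b"honest-user-secret"    # constructed; in DAA this role is played by the credential
    attacker = b"attacker-secret"     # constructed

    # Honest user: one page-visit report per epoch across three epochs.
    honest_msgs = [sign_message(honest, "page-visit", e, f"visit-{e}") for e in range(3)]
    honest_accepted = sum(collector.accept(m) for m in honest_msgs)
    # A different basename per epoch gives a different pseudonym, so the three
    # reports cannot be linked to each other.
    honest_pnyms = {m["pseudonym"] for m in honest_msgs}

    # Flooding sender: 50 fabricated page-visit reports in the same epoch. They all
    # carry the same pseudonym, so everything beyond the quota is dropped.
    attack_msgs = [sign_message(attacker, "page-visit", 0, f"fake-{i}") for i in range(50)]
    attack_results = [collector.accept(m) for m in attack_msgs]

    return {
        "honest_accepted": honest_accepted,
        "honest_distinct_pseudonyms": len(honest_pnyms),
        "attacker_accepted": attack_results.count(True),
        "attacker_dropped": attack_results.count(False),
    }


if __name__ == "__main__":
    print(simulate())
```

The point the simulation makes is that the collector never learns who the honest sender is, only that two messages under the same basename came from the same credential; choosing the basename (message type plus epoch here) is what turns a rate-limiting rule into a linkability scope.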
Taxonomy
Topics: Internet Traffic Analysis and Secure E-voting · Cryptography and Data Security · Privacy-Preserving Technologies in Data
