P2P eavesdrop 'guilt by association attack' developed
Free BitTorrent countermeasure released
US engineering researchers say they have identified a new privacy threat to users of peer-to-peer (P2P) networks such as BitTorrent and (perhaps) Skype. Obligingly, however, they have freely released a protective plugin designed to work with a popular torrent client.
According to Fabián Bustamante, computer science prof at Northwestern Uni, BitTorrent users - without realising it - form identifiable "communities" over time, in which their computers connect much more often to certain other users' machines.
"This was particularly surprising because BitTorrent is designed to establish connections at random, so there is no a priori reason for such strong communities to exist," Bustamante says.
However, he and his colleagues found that identifying the spontaneous torrent communities would be a "powerful threat to user privacy", described by the researchers as a "guilt-by-association attack". It would allow an organisation monitoring P2P traffic to reliably identify groups of users showing similar behaviour - for instance with relation to particular copyrighted works - much more swiftly and economically than would normally be the case.
According to the Northwestern researchers, clued-up eavesdroppers would be able to pick out groups of clients of interest to them 85 per cent of the time by analysing just 0.01 per cent of the total users on the network. Normally, P2P users tend not to worry too much about monitoring - there are so many users that the chance of being identified and targeted is slim.
Not so much now, according to Bustamante. A relatively minor surveillance effort will allow the RIAA or whoever to pick just the people they're after, ignoring the countless thousands of ordinary users. Quite apart from pigopolists tracking down media sharers of particular interest to them, the Northwestern researchers hint that this could also be a very handy technique for feds, spooks or whoever listening in on P2P VoIP services such as Skype. Listeners wouldn't need to crack any crypto or tap anyone's home line: they could simply establish a few thousand active Skype clients themselves - a trivial matter for an agency such as the NSA - and identify "communities" of interest with ease.
That said, the Northwestern group's research so far has been confined to the BitTorrent network; their mention of P2P VoIP is speculative.
But fear not, says Bustamente - or at least, fear not if you use Vuze/Azureus. He and his colleagues have developed a client plugin they call SwarmScreen, downloadable here, which will prevent a user being picked out in a "guilt by association" torrent trawl.
"With P2P networks increasingly under surveillance from private and government organizations," say the researchers. "SwarmScreen provides a practical and effective solution to disrupt [guilt-by-association] attacks".
SwarmScreen works by downloading random stuff from across the wider P2P network, as well as the things a user has told his or her client to collect. This means that a traffic monitor won't identify that client as part of any given "community".
The downside, of course, is that this wastes bandwidth. However Bustamente and Co have included an "intuitive tuning knob to control the privacy/performance tradeoff - higher privacy may result in some performance loss as some of your bandwidth is allocated to hide your real traffic". Or you can turn down the privacy and accept a greater risk of being fingered in exhange for faster downloads.
Problem solved, at least in the case of BitTorrent. However, the truly paranoid will be unconvinced, noting the source of funding for Bustamente's group in this project. Yes, you guessed it - none other than the US federal government itself. ®