path: root/summary/src/cat/src/related.tex
Diffstat (limited to 'summary/src/cat/src/related.tex')
-rw-r--r--summary/src/cat/src/related.tex64
1 files changed, 64 insertions, 0 deletions
diff --git a/summary/src/cat/src/related.tex b/summary/src/cat/src/related.tex
new file mode 100644
index 0000000..6c36654
--- /dev/null
+++ b/summary/src/cat/src/related.tex
@@ -0,0 +1,64 @@
+\section{Related Work} \label{cat:sec:related}
+The combination of a WF attack with a WO is a type of Classify-Verify method as
+proposed by Stolerman et al.~\cite{stolerman2013classify}, which in turn is a
+type of rejection function as described by Chow~\cite{chow1970optimum}. Such a
+method was first used in the context of WF by Juarez
+\emph{et~al.}~\cite{DBLP:conf/ccs/JuarezAADG14} and later by Greschbach
+\emph{et~al.} \cite{DBLP:conf/ndss/GreschbachPRWF17} to augment WF attacks with
+inferences from observed DNS traffic. Note that the attack by Greschbach et al.
+can be seen as a probabilistic WO due to the attacker under their threat model
+only observing a fraction of DNS traffic from the Tor network. Our work builds
+upon and generalises their work where DNS traffic is just one of many possible
+sources to infer website visits from. Further, our DNS-based sources are usable
+by anyone instead of relatively strong network attackers (or Google or
+Cloudflare).
+
+All anonymity networks produce anonymity sets (per definition) that change with
+observations by an attacker over time~\cite{Raymond00}. Modelling the behaviour
+of an anonymity system (as a mix), what the attacker observes, and how the
+anonymity sets change over time allows us to reason about how the attacker can
+perform traffic analysis and break the anonymity provided by the
+system~\cite{DiazSCP02,KedoganAP02,SerjantovD02}. Attacks along these lines are
+many with more-or-less consistent terminology, including intersection attacks,
+(statistical) disclosure attacks, and traffic confirmation
+attacks~\cite{DBLP:conf/diau/BertholdPS00,Danezis03,
+DBLP:conf/pet/Danezis04,DBLP:conf/ih/DanezisS04,KesdoganP04,Raymond00,
+DBLP:journals/jsac/ReedSG98,TroncosoGPV08}.
+
+WOs are nothing more than applying the notion of anonymity sets to the potential
+destination websites visited over an anonymity network like Tor and giving an
+attacker the ability to query this anonymity set for membership for a limited
+number of monitored websites. The way we use WOs in our generic attacks is
+\emph{not to learn long-term statistically unlikely relationships} between
+senders and recipients in a network. Rather, the WO is only used to learn
+\emph{part of the anonymity set at the time of the attack}. That an attacker can
+observe anonymity sets is not novel, what is novel in our work is how we apply
+it to the WF domain and argue for its inclusion as a core attacker capability
+when modelling WF attacks and defenses.
+
+Murdoch and Danezis showed how to use observed latency in Tor as an oracle to
+perform traffic analysis attacks \cite{MurdochD05}. Chakravarty \emph{et~al.}
+detailed similar attacks but based on bandwidth estimation
+\cite{ChakravartySK10} and Mittal \emph{et~al.} using throughput
+estimation~\cite{MittalKJCB11}. Attackers in these cases do not need to be
+directly in control of significant fractions Tor, but rather use network
+measurements to infer the state of the network and create an oracle that an
+attacker can utilize, similar to WOs.
+
+Correlation of input and output flows is at the core of many attacks on
+anonymity networks like Tor~\cite{BorisovDMT07,JohnsonWJSS13,SunEVLRCM15}. Flow
+correlation attacks correlate traffic on the network layer, considering packet
+sizes and timing of sent traffic. The RAPTOR attack by Sun et
+al.~\cite{SunEVLRCM15} needs about 100MB of data sent over five minutes to
+correlate flows with high accuracy. The recent state-of-the-art attack DeepCorr
+by Nasr \emph{et~al.} \cite{deepcorr}---based on deep learning like Deep
+Fingerprinting by Sirinam \emph{et~al.}~\cite{DF}---needs only about 900KB of
+data (900 packets) for comparable accuracy to RAPTOR. While flow correlation
+attacks like RAPTOR and DeepCorr operate on the network layer, WF+WO attacks can
+be viewed as \emph{application layer} correlation attacks. WF attacks extract
+the application-layer data (the website) while WOs reconstruct parts of the
+anonymity set of possible monitored websites visited. WF attacks need to observe
+most of the traffic generated when visiting a website that goes into the
+anonymity network. While a WO does not have to directly view any of the output
+flows of the network, it needs to be able to infer if a particular website was
+visited during a period of time, as shown in Section~\ref{cat:sec:sources}.
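Review bot: the "et al." citations are formatted three different ways in this hunk and the missing word in "significant fractions Tor" should be fixed before merge. Lines 18 and 23 write "Stolerman et al." and "Greschbach et al." as plain text, while lines 21, 22, 55, 57, 69 and 70 use `\emph{et~al.}`; pick one form (the `\emph{et~al.}` macro already used for Juarez, Chakravarty, Mittal, Nasr and Sirinam) and apply it throughout, including "Sun et al." on lines 66--67. Within that, the spacing before `\cite` also varies: line 21 uses `\emph{et~al.}~\cite{...}` (non-breaking tie, so the citation cannot be orphaned at a line start) but line 22 uses `\emph{et~al.} \cite{...}` and lines 55 and 57 use `attacks \cite{MurdochD05}` and `\cite{ChakravartySK10}` after a plain space; a tie before every `\cite` would be consistent with the rest of the file. Line 59 reads "directly in control of significant fractions Tor" and needs "of" ("significant fractions of Tor"). Minor: line 26 has "generalises" (British) while line 52 has "defenses" (American), so one spelling convention should be chosen for the document, and the section opens with the abbreviations WF and WO without expansion, which is fine only if they are defined in a section that precedes `cat:sec:related` in the final build.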