Correlation Attacks
If you are connected to a node, you can see what requests it is making. These may be forwarded for other peers, however, if you recognize the content that is being requested, and you can connect different content together logically as part of a larger whole, for example by being all part of the same splitfile, or frost posts from the same identity, you can work out how likely it is that the content is being requested by your peer rather than one of his peers. Since we know the local network topology you may even be able to do a similar analysis to work out which node (in topological terms, which can be translated to an IP address via harvesting on opennet), the requests come from, even if it is a few hops away - but this will require a lot of data e.g. a very large splitfile, or a bunch of related splitfiles.
Countermeasures:
- PremixRouting is the long term countermeasure to this.
Sometimes confused with intersection attacks.
