Securing Anonymous Communication Channels under the Selective DoS Attack

Anonymous communication systems are subject to selective denial-of-service (DoS) attacks. Selective DoS attacks lower anonymity as they force paths to be rebuilt multiple times to ensure delivery, which increases the opportunity for more attack. We present a detection algorithm that filters out compromised communication channels for one of the most widely used anonymity networks, Tor. Our detection algorithm uses two levels of probing to filter out potentially compromised tunnels. We probabilistically analyze our detection algorithm and show its robustness against selective DoS attacks through simulation. We also analyze the overhead of our algorithm and show that we can achieve better security guarantee than the conventional Tor path selection algorithm, while adding only approximately 5% bandwidth overhead to the Tor network. Finally, we validate our design with experiments using the live Tor network.

[1]  Ian R. Kerr,et al.  Lessons from the Identity Trail: Anonymity, Privacy and Identity in a Networked Society , 2009 .

[2]  Paul F. Syverson,et al.  Locating hidden servers , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[3]  Micah Adler,et al.  An Analysis of the Degradation of Anonymous Protocols , 2002, NDSS.

[4]  Danny Krizanc,et al.  Simulation of circuit creation in Tor: Preliminary results , 2011, PETS 2011.

[5]  Marek Klonowski,et al.  Duo-Onions and Hydra-Onions - Failure and Adversary Resistant Onion Protocols , 2004, Communications and Multimedia Security.

[6]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[7]  S. Hahn,et al.  Privacy-preserving Ways to Estimate the Number of Tor Users , 2012 .

[8]  Nikita Borisov,et al.  Securing Tor Tunnels under the Selective-DoS Attack , 2011, ArXiv.

[9]  Joseph Bonneau,et al.  What's in a Name? , 2020, Financial Cryptography.

[10]  Danny Krizanc,et al.  Detecting Denial of Service Attacks in Tor , 2009, Financial Cryptography.

[11]  강윤희,et al.  생물정보학 연구를 위한 환경으로써 Emulab 평가 , 2013 .

[12]  Micah Adler,et al.  Defending anonymous communications against passive logging attacks , 2003, 2003 Symposium on Security and Privacy, 2003..

[13]  Dirk Grunwald,et al.  Low-resource routing attacks against tor , 2007, WPES '07.

[14]  Kevin S. Bauer,et al.  On the Optimal Path Length for Tor , 2010 .

[15]  Helen Nissenbaum,et al.  Trackmenot: Resisting Surveillance in Web Search , 2015 .

[16]  Riccardo Bettati,et al.  On Flow Correlation Attacks and Countermeasures in Mix Networks , 2004, Privacy Enhancing Technologies.

[17]  Matthew K. Wright,et al.  Salsa: a structured approach to large-scale anonymity , 2006, CCS '06.

[18]  Nitesh Saxena,et al.  On the Privacy of Web Search Based on Query Obfuscation: A Case Study of TrackMeNot , 2010, Privacy Enhancing Technologies.

[19]  George Danezis,et al.  Denial of service or denial of security? , 2007, CCS '07.

[20]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[21]  Antony I. T. Rowstron,et al.  Cashmere: resilient anonymous routing , 2005, NSDI.

[22]  Vitaly Shmatikov,et al.  Timing Analysis in Low-Latency Mix Networks: Attacks and Defenses , 2006, ESORICS.

[23]  Gene Tsudik,et al.  Towards an Analysis of Onion Routing Security , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[24]  Dieter Gollmann,et al.  Computer Security - ESORICS 2006, 11th European Symposium on Research in Computer Security, Hamburg, Germany, September 18-20, 2006, Proceedings , 2006, ESORICS.

[25]  Matthew K. Wright,et al.  Timing Attacks in Low-Latency Mix Systems (Extended Abstract) , 2004, Financial Cryptography.

[26]  Paul F. Syverson,et al.  Anonymous connections and onion routing , 1998, IEEE J. Sel. Areas Commun..