论文信息 - Rebound: Decoy routing on asymmetric routes via error messages

Rebound: Decoy routing on asymmetric routes via error messages

Decoy routing is a powerful circumvention mechanism intended to provide secure communications that cannot be monitored, detected, or disrupted by a third party who controls the user's network infrastructure. Current decoy routing protocols have weaknesses, however: they either make the unrealistic assumption that routes through the network are symmetric (i.e., the router implementing the decoy routing protocol must see all of the traffic, in both directions, from each connection it modifies), or their protocol requires modifying the route taken by packets in connections that use the protocol, and these route changes are detectable by a third party. We present Rebound, a decoy routing protocol that tolerates asymmetric routes without modifying the route taken by any packet that passes through the decoy router, making it more difficult to detect or disrupt than previous decoy routing protocols.

[1] Andrew Hintz,et al. Fingerprinting Websites Using Traffic Analysis , 2002, Privacy Enhancing Technologies.

[2] W. Timothy Strayer,et al. Decoy Routing: Toward Unblockable Internet Communication , 2011, FOCI.

[3] Nick Feamster,et al. Infranet: Circumventing Web Censorship and Surveillance , 2002, USENIX Security Symposium.

[4] Michalis Faloutsos,et al. On routing asymmetry in the Internet , 2005, GLOBECOM '05. IEEE Global Telecommunications Conference, 2005..

[5] Josh Karlin jkarlin. Optimizing the Placement of Implicit Proxies , 2012 .

[6] Ian Goldberg,et al. Telex: Anticensorship in the Network Infrastructure , 2011, USENIX Security Symposium.

[7] Eric Wustrow,et al. TapDance: End-to-Middle Anticensorship without Flow Blocking , 2014, USENIX Security Symposium.

[8] Maurizio Dusi,et al. Estimating routing symmetry on single links by passive flow measurements , 2010, IWCMC.

[9] Nick Mathewson,et al. Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[10] Nicholas Hopper,et al. Routing around decoys , 2012, CCS.

[11] Arati Baliga,et al. A Web Based Covert File System , 2007, HotOS.

[12] Vitaly Shmatikov,et al. No Direction Home: The True Cost of Routing Around Decoys , 2014, NDSS.

[13] Nikita Borisov,et al. Cirripede: circumvention infrastructure using router redirection with plausible deniability , 2011, CCS '11.