GAME OF DECOYS: Optimal Decoy Routing Through Game Theory

Decoy routing is a promising new approach for censorship circumvention that relies on traffic re-direction by volunteer autonomous systems. Decoy routing is subject to a fundamental censorship attack, called routing around decoy (RAD), in which the censors re-route their clients' Internet traffic in order to evade decoy routing autonomous systems. Recently, there has been a heated debate in the community on the real-world feasibility of decoy routing in the presence of the RAD attack. Unfortunately, previous studies rely their analysis on heuristic-based mechanisms for decoy placement strategies as well as ad hoc strategies for the implementation of the RAD attack by the censors. In this paper, we perform the first systematic analysis of decoy routing in the presence of the RAD attack. We use game theory to model the interactions between decoy router deployers and the censors in various settings. Our game-theoretic analysis finds the optimal decoy placement strategies---as opposed to heuristic-based placements---in the presence of RAD censors who take their optimal censorship actions---as opposed to some ad hoc implementation of RAD. That is, we investigate the best decoy placement given the best RAD censorship. We consider two business models for the real-world deployment of decoy routers: a central deployment that resembles that of Tor and a distributed deployment where autonomous systems individually decide on decoy deployment based on their economic interests. Through extensive simulation of Internet routes, we derive the optimal strategies in the two models for various censoring countries and under different assumptions about the budget and preferences of the censors and decoy deployers. We believe that our study is a significant step forward in understanding the practicality of the decoy routing circumvention approach.

[1]  藤重 悟 Submodular functions and optimization , 1991 .

[2]  J. Boyan DATA AND INFORMATION COLLECTION ON THE NET The Anonymizer Protecting User Privacy on the Web , 1997 .

[3]  Samir Khuller,et al.  The Budgeted Maximum Coverage Problem , 1999, Inf. Process. Lett..

[4]  Online article , 2001, Regulatory Peptides.

[5]  Adrian Vetta,et al.  Nash equilibria in competitive societies, with applications to facility location, traffic routing and auctions , 2002, The 43rd Annual IEEE Symposium on Foundations of Computer Science, 2002. Proceedings..

[6]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[7]  Tim Roughgarden,et al.  The price of stability for network design with fair cost allocation , 2004, 45th Annual IEEE Symposium on Foundations of Computer Science.

[8]  Éva Tardos,et al.  Algorithm design , 2005 .

[9]  Steve Uhlig,et al.  Modeling the routing of an autonomous system with C-BGP , 2005, IEEE Network.

[10]  Andreas Krause,et al.  Cost-effective outbreak detection in networks , 2007, KDD '07.

[11]  Eric Rescorla,et al.  The Transport Layer Security (TLS) Protocol Version 1.2 , 2008, RFC.

[12]  Tim Roughgarden,et al.  Algorithmic Game Theory , 2007 .

[13]  Nikita Borisov,et al.  Cirripede: circumvention infrastructure using router redirection with plausible deniability , 2011, CCS '11.

[14]  Ian Goldberg,et al.  Telex: Anticensorship in the Network Infrastructure , 2011, USENIX Security Symposium.

[15]  W. Timothy Strayer,et al.  Decoy Routing: Toward Unblockable Internet Communication , 2011, FOCI.

[16]  Josh Karlin jkarlin Optimizing the Placement of Implicit Proxies , 2012 .

[17]  Nicholas Hopper,et al.  Routing around decoys , 2012, CCS.

[18]  Chris Arney,et al.  The Atlas of Economic Complexity: Mapping Paths to Prosperity , 2012 .

[19]  Vitaly Shmatikov,et al.  The Parrot Is Dead: Observing Unobservable Network Communications , 2013, 2013 IEEE Symposium on Security and Privacy.

[20]  Donghyun Kim,et al.  On Combinatoric Approach to Circumvent Internet Censorship Using Decoy Routers , 2013, MILCOM 2013 - 2013 IEEE Military Communications Conference.

[21]  Nikita Borisov,et al.  I want my voice to be heard: IP over Voice-over-IP for unobservable censorship circumvention , 2013, NDSS.

[22]  Vitaly Shmatikov,et al.  No Direction Home: The True Cost of Routing Around Decoys , 2014, NDSS.

[23]  Eric Wustrow,et al.  TapDance: End-to-Middle Anticensorship without Flow Blocking , 2014, USENIX Security Symposium.

[24]  W. Timothy Strayer,et al.  Rebound: Decoy routing on asymmetric routes via error messages , 2015, 2015 IEEE 40th Conference on Local Computer Networks (LCN).