Thwarting traceback attack on Freenet

A traceback attack on Freenet was recently developed that can identify the originating machine of a content request message, even if the content retriever has issued only a single content request message. The traceback attack exploited a few fine-grained design and development decisions made in Freenet, including the unique identifier (UID) based mechanism that prevents routing loops of content request messages. In this paper we develop a simple yet effective scheme named dynID to thwart the traceback attack on Freenet. In dynID, the UID associated with a content request message is dynamically changed in the beginning portion of the message forwarding path. As a consequence, an attacker can only trace a content request message back to the node where the UID value was last changed; it cannot uniquely determine the originating machine of the message. Importantly, dynID has only a negligible impact on the performance of Freenet in locating content on the network. For example, our simulation studies based on the original Freenet source code show that, for all content requests, we can successfully locate the corresponding requested content.
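The effect described in the abstract can be seen in a toy model. This is an added example, not code from the paper or from Freenet. It assumes a linear forwarding path, per-node sets of handled UIDs, and a hypothetical `rewrite_hops` parameter for how many of the first forwarding nodes replace the UID.

```python
import secrets


def new_uid():
    """Fresh random request identifier (constructed; not Freenet's UID format)."""
    return secrets.token_hex(8)


def forward(path, rewrite_hops):
    """Send one request along `path`, where path[0] is the originator.

    Every node records each UID it handles, as loop prevention requires.
    Assumption: the first `rewrite_hops` forwarding nodes after the
    originator replace the UID before passing the request on; 0 models
    a single fixed UID for the whole path.
    Returns (seen, final_uid), with seen mapping node -> set of UIDs.
    """
    seen = {node: set() for node in path}
    uid = new_uid()
    seen[path[0]].add(uid)
    for hop, node in enumerate(path[1:], start=1):
        seen[node].add(uid)          # incoming UID is remembered
        if hop <= rewrite_hops:      # beginning portion of the path
            uid = new_uid()
            seen[node].add(uid)      # outgoing UID is remembered too
    return seen, uid


def trace_back(path, seen, observed_uid):
    """Earliest node on the path that has handled `observed_uid`.

    Models the end point of a UID-based trace: the trail of one UID
    stops at the first node that ever carried that value.
    """
    for node in path:
        if observed_uid in seen[node]:
            return node
    return None


if __name__ == "__main__":
    path = ["origin", "n1", "n2", "n3", "n4", "n5"]  # constructed sample path
    for hops in (0, 2):
        seen, uid = forward(path, hops)
        print(f"rewrite_hops={hops}: trace ends at {trace_back(path, seen, uid)}")
```

With a fixed UID the trail leads to the originator; with the UID rewritten at the first two forwarding nodes it ends at the second of them, and the originator holds no record of the UID seen downstream.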
