Securing Anonymous Communication Channels under Selective DoS Attack

Learn about securing anonymous communication channels under selective DoS attacks, including the workings of Tor, threats faced, and a proposed 2-phase probing algorithm to detect compromised circuits efficiently.

  • Anonymous Communication
  • Tor Network
  • Selective DoS
  • Cybersecurity
  • Detection Mechanism

Presentation Transcript


  1. Securing Anonymous Communication Channels under the Selective DoS Attack. Anupam Das, Nikita Borisov, University of Illinois at Urbana-Champaign (UIUC). FC 2013. 4/4/2025

  2. Outline: Anonymous Communication (Tor); Selective DoS attack; Our Detection Mechanism; Evaluation; Conclusion.

  3. Anonymous Communication: Hides user identity and defends users against internet surveillance and traffic analysis. The most widely used anonymity network is Tor: ~3000 Tor relays, ~500,000 users daily.

  4. How Tor Works: [Diagram: message M passing through Tor relays over encrypted links, with a final unencrypted link.] A Tor circuit/tunnel is built incrementally, one hop at a time. Layered encryption is used. Each router knows only its predecessor and successor.

  5. Threats in Tor: Tor relays are run by volunteers, so they can be malicious. [Diagram label: Anonymity broken.] Probability of circuits being compromised: $\Pr(\text{compromised}) = t^2$, assuming t fraction of the bandwidth is controlled by a malicious authority.

  6. Selective DoS in Tor: [Diagram: entry/middle/exit circuits built from compromised (C) and honest (H) relays, grouped into "Not Dropped" and "Dropped".]

  7. Impact of Selective DoS: Under normal conditions: $\Pr(\text{compromised}) = t^2$. Under selective DoS: $\Pr(\text{compromised}) = \dfrac{t^2}{t^2 + (1-t)^3}$.

  8. Our Goal: Design a detection mechanism that can distinguish compromised circuits from non-compromised circuits. We propose a 2-phase probing algorithm: 1. Generate candidate circuits. 2. Identify potentially compromised circuits. Threat Model: 1. A small fraction (~20%) of relays are compromised. 2. Compromised relays perform the selective DoS attack.

  9. Our Detection Mechanism, Phase 1: Generate N working Tor circuits and test the reliability of the circuits by retrieving a web page through each circuit. Circuits that survive the 1st phase are passed on to the 2nd phase. [Diagram: entry/middle/exit circuits of honest (H) and compromised (C) relays before and after the reliability test.]

  10. Our Detection Mechanism, Phase 2: For each circuit, choose K other random exit and middle relays. Test the reliability of the modified circuits. Repeat the process K times for each circuit. For each circuit, keep track of the number of successes M. IF (M >= Threshold), classify as a potentially honest circuit. [Diagram: original circuits and their modified versions (entry/middle/exit) going through the reliability test.]

  11. Probabilistic Analysis: Assuming t fraction of the bandwidth is controlled by a malicious authority (t ~20%): $\Pr(\text{compromised circuit}) = t^2$ and $\Pr(\text{honest circuit}) = (1-t)^3$. For t = 0.2, $(1-t)^3 \gg t^2$, so the majority of the circuits in the second phase are honest. Therefore compromised circuits should have a low success rate after circuit modification. [Diagram: entry/middle/exit circuits of honest (H) and compromised (C) relays.]

  12. Complex Attacks: What if compromised nodes don't always drop, to avoid detection? We consider 2 types of dropping strategy: 1. Random drop. 2. Strategic drop. Random Drop: drops with probability d. Strategic Drop: don't drop circuits of form XXC, as they are helpful in the 2nd phase. [Diagram: entry/middle/exit circuits of honest (H) and compromised (C) relays.]

  13. Disguising Probes: To make probes indistinguishable from user traffic we adopt the following strategies: 1. Use popular websites as probing destinations (Alexa lists the top popular websites). 2. Replay non-sensitive browsing history as probes. 3. Randomize the middle relay from the set of (N-1) available relays after phase 1.

  14. Evaluation: We evaluate our approach through both simulation and real-world experiments. Simulation setup: Gathered Tor node info from torstatus.blutmagie.de/. Randomly assigned 20% of the bandwidth to be compromised. To approximate the failure rate present in the current Tor network we use the TorFlow project [Torflow project. https://gitweb.torproject.org/torflow.git]. We generate 10,000 Tor circuits and record their failure rate. The average failure rate after 10 runs was found to be approximately 23%.

  15. Simulation Results: As the drop rate d increases, the probability of selecting a compromised circuit decreases.

  16. Real World Experiments: We use Emulab and PlanetLab machines for our experimental setup. 11 Emulab machines = 10 running the Tor protocol (20 Kbps) + 1 acting as server (gathering timing info from the other 10 machines) [Bauer et al. WPES 07]. Extracted 40 other regular Tor nodes and added our 10 compromised nodes (t=20%). Use PlanetLab machines as clients.

      | Fraction of compromised guards | Pr(not compromised) | Pr(not compromised) (Conventional Tor) |
      |--------------------------------|---------------------|----------------------------------------|
      | 0                              | 1.0                 | 1.0                                    |
      | 1/3                            | 1.0                 | 0.867                                  |
      | 2/3                            | 0.843               | 0.612                                  |
      | 1                              | 0.0                 | 0.0                                    |

  17. Overhead Approximation: Each usable circuit requires 4 probes. Each probe size is 300 KB (avg. size of the most popular web pages). So the total traffic used by a single user every hour is (6*3*300*4) KB ≈ 21 MB. Currently, Tor's bandwidth capacity = 3.21 GB/s. Approximately 5% of the bandwidth can be used to satisfy the current peak demand.

  18. Related Work: Danner et al. [FC 2009] proposed a probing technique where they create O(n*l) circuits to identify compromised relays [where n = no. of relays, l = no. of times each probe is repeated]. However: 1. They don't consider strategic adaptation by malicious nodes, like random dropping. 2. More suitable as a centralized approach; otherwise it would not be scalable. Probes might be easier to distinguish. Mike Perry (Tor Performance Developer) recently proposed a client-side accounting mechanism that tracks the circuit failure rate for each of the client's entry nodes.

  19. Conclusion: Our detection algorithm filters out potentially compromised Tor circuits with high probability. We also show that adaptive adversaries who choose to deny service probabilistically do not benefit from adopting such a strategy. Future Work: Can we lower the cost of probing/overhead? Can we not use probing at all? Maybe use historical data.

  20. Questions

  22. What is Tor? Tor (short for The Onion Routing) is a system that provides online anonymity. Tor hides user identity and defends users against internet surveillance and traffic analysis. Tor was originally launched in 2002 by the US Naval Research Lab. From 2004 it became open source software.

  23. Why use Tor? Journalists & Activists & Whistleblowers: report controversial topics; report abuses from danger zones; Human Rights Watch. Normal users: unwanted advertisements; hide physical location; sensitive survey; access blocked sites. Militaries and Law enforcement officers: online surveillance; anonymous tip; intelligence gathering. Business executives: keeping strategies confidential; accountability.

  24. Probabilistic Analysis: We evaluate the false positive and false negative rates. We also consider random network failure in our model. False Negative (FN) = fraction of compromised circuits that are wrongly classified as honest. False Positive (FP) = fraction of honest circuits that are wrongly classified as compromised. Ideally we want both FN and FP as small as possible. [Detailed derivations in our tech report.]

  25. Tuning Parameters: For choosing appropriate K and we define two evaluation metrics: Security, Overhead. K=3 =2

  26. Complex Attacks: [Plots: Prob. of selecting XXC circuit in the 2nd phase; Cost of forwarding traffic through non-compromised circuits.]

  28. Tor Tunnel Construction

  29. Our Detection Mechanism, Phase 2: For each circuit, choose K other random exit and middle relays. Test the reliability of the modified circuits. Repeat the process K times for each circuit. For each circuit, keep track of the number of successes M. IF (M >= Threshold), classify as a potentially honest circuit. [Diagram: original circuits and their modified versions (entry/middle/exit) going through the reliability test.]
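
The two-phase probing procedure from the "Our Detection Mechanism" slides can be exercised in a small Monte Carlo simulation. This is an added example, not code from the presentation or its authors; all function names are hypothetical. It assumes relays are picked uniformly rather than by bandwidth, no background network failures, replacement middle and exit relays drawn from other phase-1 candidates, and a threshold of 2 successes out of K=3 probes.

```python
import random

def circuit_works(circ, d, rng):
    """Selective DoS as on the slides: a circuit survives if it is all honest
    or the adversary holds entry and exit; any other circuit touching a
    compromised relay is dropped with probability d."""
    entry, middle, exit_ = circ              # True means compromised
    if (entry and exit_) or not (entry or middle or exit_):
        return True
    return rng.random() >= d

def baseline(t):
    """Slide formula: Pr(compromised) among working circuits under selective DoS."""
    return t**2 / (t**2 + (1 - t)**3)

def compromised_fraction(circuits):
    return sum(1 for c in circuits if c[0] and c[2]) / len(circuits)

def two_phase(n, k, threshold, t, d, rng):
    # Phase 1: build n circuits, keep those that pass the reliability test.
    built = (tuple(rng.random() < t for _ in range(3)) for _ in range(n))
    candidates = [c for c in built if circuit_works(c, d, rng)]
    # Phase 2: keep the entry, swap in middle and exit relays taken from other
    # candidates (assumed donor pool), probe k times, count successes M.
    accepted = []
    for i, c in enumerate(candidates):
        m = 0
        for _ in range(k):
            donors = []
            for _ in range(2):
                j = rng.randrange(len(candidates) - 1)
                donors.append(candidates[j + 1 if j >= i else j])
            m += circuit_works((c[0], donors[0][1], donors[1][2]), d, rng)
        if m >= threshold:                   # classified as potentially honest
            accepted.append(c)
    return candidates, accepted

def run(t=0.2, d=1.0, n=20000, k=3, threshold=2, seed=1):
    rng = random.Random(seed)                # fixed seed: reproducible run
    candidates, accepted = two_phase(n, k, threshold, t, d, rng)
    return compromised_fraction(candidates), compromised_fraction(accepted)

if __name__ == "__main__":
    for d in (1.0, 0.5):                     # always drop vs. random drop
        before, after = run(d=d)
        print(f"d={d}: after phase 1 {before:.4f}, after phase 2 {after:.4f}")
    print(f"selective-DoS baseline for t=0.2: {baseline(0.2):.4f}")
```

The fraction after phase 1 should track the selective-DoS formula from the "Impact of Selective DoS" slide, and the fraction after phase 2 shows how much of that the threshold test removes under these assumptions.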
