Internet Anonymity and the Design Process - A Practical Approach
|
|
- Emmeline Summers
- 3 years ago
- Views:
Transcription
1 anon.next: A Framework for Privacy in the Next Generation Internet Matthew Wright Department of Computer Science and Engineering, The University of Texas at Arlington, Arlington, TX, USA, mwright@uta.edu, Abstract. Systems for anonymity on the Internet are inherently slow; multi-hop paths may traverse continents in an effort to remove the linkability between source and destination. Next generation Internet infrastructures are currently being investigated, notably through the NSF GENI project. In such an infrastructure, there is an opportunity to build anonymity directly into the network so that it is faster and more efficient than overlay-based approaches. We propose anon.next, a basic architecture for this kind of network-embedded anonymity system meant to be tested on the GENI infrastructure. In anon.next, anonymizing proxies are controlled by ISPs and have information about how to build paths that are both efficient and privacy-preserving. This paper presents the design choices that we would face in developing this system and the challenges for determining the privacy it would provide. 1 Introduction Anonymity research has led to a variety of practical system designs and anonymity systems that are in use today [1]. These systems are effective against many kinds of attacks on privacy, but they have substantially slower network performance and cannot protect against more powerful attackers. These systems have made reasonable design choices but face fundamental limitations. As they are overlay networks, an anonymized connection going through multiple proxies must pass through several Internet connections before reaching its destination, and reply traffic faces the same overhead. Any optimizations in this framework are therefore limited at best. Recently, there has been a great deal of interest by researchers in new Internet architectures. In particular, the U.S. National Science Foundation has a major long-term initiative in Future Internet Design (FIND) see Related to this initiative is the development of GENI, the Global Environment for Network Innovations ( a virtual laboratory for internetworking research. The next-generation Internet is expected to have many features, such as security mechanisms, quality-of-service, availability, and application support. This also presents a substantial opportunity for anonymity
2 2 and privacy researchers to develop ideas for privacy enhanced systems in these future networks. In this paper, we propose to investigate ways of embedding anonymous communications proxies into the new Internet architectures, such that these networks can provide efficient and effective protection from traffic analysis. More specifically, we will consider a simple but promising notion that proxies much like existing anonymizing proxies can be placed in key locations throughout the network to provide strong protection from traffic analysis. This will mean that the privacy of users communications will be protected while providing high-speed connections in a way that is not possible with todays frameworks. The promise of this idea is clear: by removing significant overheads in the creation of the path of proxies and not requiring communications to cross the entire network multiple times, we greatly lower the delays as compared to an overlay system. Further, consolidation of traffic may offer opportunities to provide greater mixing, by which traffic from different connections is briefly stored and reordered to confuse the eavesdropper. Mixing is largely beyond the capability of todays overlay systems, as the traffic levels are not high enough; low traffic means long periods of storage at the proxies, while higher traffic levels are too expensive for volunteer operators to sustain. While embedded anonymizing proxies would add to the networks infrastructure costs, they could be more cost-efficient than overlay proxies and the costs could be charged to users. The addition of proxies can substantially improve protection against powerful eavesdroppers by ensuring that sufficient mixing occurs in the system. In this initial investigation, we will consider a variety of possibilities for the placement of proxies in the network and the algorithms for selecting proxies for anonymous communication paths. We will use analysis and simulation to determine the performance and security consequences of different choices, as well as considering the practicality of these choices with respect to the cost of the proxies and overhead in the network. The most promising choices will be studied further in future research, in which we will investigate the potential for mixing and cover traffic to further prevent traffic analysis. 2 Background Anonymous communications have been studied in detail since 1981, when Chaum presented the idea of a mix [2], a proxy that buffers messages and reorders them before sending them out. Mixes should be put in a series, or a path, in which layers of encryption are removed in stages to protect messages from being tracked. Most of the research in anonymity has been based on this simple idea, and much of that work has focused on the systems aspects making anonymity practical and efficient for real network users. Designers of anonymity systems, including the commercial Freedom network [3] and the currently popular Tor [1], have made substantial compromises in security to allow for acceptable performance and overheads. Essentially, unlike mixes, they do not buffer or reorder messages. The creators of Tor plainly state that end-to-end timing correlation is likely to
3 3 be effective against their system [1]. Recent efforts in timing analysis have shown high rates of attacker success for tracking communications, even when all users have identical, constant-rate traffic patterns [4]. Despite the security compromises these systems have made, they are still slow. While this has been difficult to quantify, it seems clear that sending and receiving packets over randomly selected multiple overlay hops will be inherently slower than a direct connection. Each intermediate connection, for example, is subject to possible congestion. This means that the chance of congestion somewhere on the path is much higher than in a direct connection. One approach to solving this problem would be to choose servers that are well-placed in the network to provide the best network performance. Doing this in a naive way, however, makes the system vulnerable to attackers with only modest resources [5]. While secure ways of improving network performance may exist, such improvements will be inherently limited by the need to connect to servers at the edge of the network. In this paper, we propose a means to remedy the limitations on the performancesecurity tradeoff in current anonymity systems by embedding proxies into the network structure. This idea holds promise but leads to a number of important questions for investigation. In such an investigation, we would seek the answers to the two questions most suitable to understanding the feasibility of this approach. First, where should we put the proxies? Second, How do we select paths between proxies? Of course, these two questions are linked and we will need to address them together. Research funding agencies in both the U.S. and Europe are calling for new efforts in Internet design. This presents a unique opportunity to consider the addition of network services, including protection from traffic analysis. The main novel aspect of this proposed effort is to place proxies inside the network architecture, with more direct routes between proxies, in an effort to reduce the overheads of providing anonymity, while likely improving the security of the system. We envision these proxies being attached to routers, in that they will have short, direct links to the routers where end nodes typically are not attached. We now describe some of the challenges that are critical to the design of the anon.next system. Placement of Proxies. Placement of the proxies in the Internet involves choosing logical, rather than physical, locations. The placement, for example could be attached to the edge routers in the network or attached to routers in the core of the network. If we place all the inter-proxy routing intelligence in the proxies themselves, such proxies could sit at the core without requiring extra work from heavily-loaded routers. However, there may be benefits from having the proxies get information from the routers to improve their routing decisions. In this case, it could become quite expensive to place the proxies at core routers. This also affects the number of proxies. As more proxies are added to the system, the amount of mixing between different traffic may be reduced. However, realistic loads may only be handled with many proxies.
4 4 Selection of Proxies on the User s Path. Routing between proxies can take many forms, and there may be a tension between performance and security. Purely random selection of proxies has the best security properties, but can lead to very long paths and may provide little to no benefit over systems like Tor. Using entirely performance-driven selections can lead to selection that only use the nearest proxies, or proxies that split the distance between the end points. These paths may be easier to eavesdrop; selecting paths that avoid reusing the same network service provider or Internet exchange may be critical to privacy [5]. Proxy Discovery. Selecting proxies assumes that the nodes doing selection will know about most of the proxies in the Internet. This leads to a substantial challenging in the secure distribution of proxy information. While complete information about all proxies is more secure, as it can help prevent statistical attacks on path selection, keeping complete and up-to-date information may be prohibitively expensive. We expect that a system based on a combination of extensive local knowledge and less complete knowledge of more distant proxies may be appropriate in this system. Inter-proxy Connection Properties. To best pick paths that provide good performance, particularly without being tricked by attackers, there will need to be a means of testing the connections between proxies. Simple measurements of latency and bandwidth are certainly possible, and we hypothesize that nodes do not have the ability to affect results much except to make them worse than reality. This is unlikely to provide much benefit to the attacker. Against a system such as this, there are a number of attacks that must be considered. Here, we mention a few of the most likely and/or critical: Attacks Based on Latency. Hopper et al. study this possibility extensively on Tor [6]. The main issue is that the set of possible initiators can be greatly reduced by estimating the latency between the initiator and the responder. There are ways to mitigate this attack. First, having a large number of users makes a practical attack difficult, as there will be too many possible initiators even after the attack. Second, we may be able to limit the attacks effectiveness by putting users into latency classes. The client or the first proxy can estimate the round trip time (RTT) to the responder and add small delays to make the average RTT one of a relatively few values. With many users, the number of such values can be large enough to accomodate reasonable variation without high delays. Attacks Based on Biased Path Selection. If we assume that not every proxy can know every other proxy in the system, then the paths could be subject to bias by the attacker providing misinformation. A structured P2P system can be used as to create a secure distributed directory service, as proposed by Nambiar and Wright [7]. In a next-generation anonymity system, we believe that the structure of the directory service must be at least partially associated with the relative network distance between peers. This
5 5 way, peers that are close to each other can be easily substituted in a path without major changes to performance. Creating and evaluating a system design that does this is a major new challenge. Attacks Based on Leaks Due to Path Selection. As pointed out by Mittal and Borisov, using such a system like Salsa can lead to information leaks [8]. We also note that leaks can come from location if paths are chosen using latency as a consideration. The worst case is that these leaks build on each other, so that the combination of attacks is substantially more powerful at identifying the initiator. We will aim in our design to make these leaks substantially overlap, so that the information gained through one type of attack is approximately the same as the information gained from the other. Creating path selection algorithms that meet this goal, and finding ways to evaluate them, will be an important and difficult task. Attacks on Privacy Using Denial of Service. Denial of service attacks can be dangerous to the privacy of users, as shown by Borisov et al. [9]. The main problem in a system like Tor is that an attacker can block some paths in an attempt to get the initiator to use paths controlled by the attacker. As pointed out by Borisov et al., a reputation system could have an effect on such an attack by making denial of service attacks cost the attacker chances to be on a path [9]. Tailoring a reputation system to the proposed scenario and demonstrating its effectiveness are import to protect against this class of attacks, as well as provide useful information for selecting paths in the system. Intersection and Predecessor Attacks. Intersection and predecessor attacks require relatively strong attackers with either a substantial fraction of malicious nodes or a powerful eavesdropper who can see a large fraction of anonymized traffic. Since attacks have been shown to be successful against Tor and AN.ON with weaker attacker models, we believe that a reasonable approach is to focus on these attacks while limiting the ability for the attacker to control nodes and observe traffic. For the latter, we will aim to keep paths diverse and have them pass through multiple Internet Exchanges. 3 Conclusions This paper presents anon.next, a system of anonymizing proxies for the next generation Internet. With ongoing efforts to design and evaluate new Internet architectures, it is an exciting time to investigate novel privacy-preserving infrastructures for these networks. In this paper, we have discussed some of the key challenges around the design of one such infrastructure. There is a tremendous amount of additional work to be done in this area, and we encourage privacy researchers to start thinking more about the design challenges and privacy pitfalls involved in such an undertaking.
6 6 References 1. R. Dingledine, N. Mathewson, P.S.: Tor: The next-generation onion router. In: Proc. 13th USENIX Security Symposium. (Aug. 2004) 2. Chaum, D.: Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. Communications of the ACM 24(2) (Feb. 1981) Back, A., Goldberg, I., Shostack, A.: Freedom 2.0 security issues and analysis. Zero-Knowledge Systems, Inc. white paper (Nov. 2000) 4. Levine, B.N., Reiter, M., Wang, C., Wright, M.: Timing analysis in low-latency mix systems. In: Proc. Financial Cryptography (FC). (Feb. 2004) 5. Murdoch, S.J., Zieliński, P.: Sampled traffic analysis by internet-exchange-level adversaries. In: Proceedings of the Seventh Workshop on Privacy Enhancing Technologies (PET 2007). (June 2007) 6. Hopper, N., Vasserman, E.Y., Chan-Tin, E.: How much anonymity does network latency leak? ACM Transactions on Information and System Security (forthcoming 2009) 7. Nambiar, A., Wright, M.: Salsa: a structured approach to large-scale anonymity. In: Proc. ACM Conference on Computer and Communications Security (CCS 06). (Oct. 2006) 8. Mittal, P., Borisov, N.: Information leaks in structured peer-to-peer anonymous communication systems. In: Proceedings of the 15th ACM Conference on Computer and Communications Security (CCS 2008). (October 2008) 9. Borisov, N., Danezis, G., Mittal, P., Tabriz, P.: Denial of service or denial of security? How attacks on reliability can compromise anonymity. In: Proceedings of CCS (October 2007)
Detecting Denial of Service Attacks in Tor
Detecting Denial of Service Attacks in Tor Norman Danner, Danny Krizanc, and Marc Liberatore Department of Mathematics and Computer Science Wesleyan University Middletown, CT 06459 USA Abstract. Tor is
More informationDesign Principles for Low Latency Anonymous Network Systems Secure against Timing Attacks
Design Principles for Low Latency Anonymous Network Systems Secure against Timing Attacks Rungrat Wiangsripanawan, Willy Susilo and Rei Safavi-Naini Center for Information Security School of Information
More informationTor Anonymity Network & Traffic Analysis. Presented by Peter Likarish
Tor Anonymity Network & Traffic Analysis Presented by Peter Likarish This is NOT the presenter s original work. This talk reviews: Tor: The Second Generation Onion Router Dingledine, Mathewson, Syverson
More informationAnonymous Communication in Peer-to-Peer Networks for Providing more Privacy and Security
Anonymous Communication in Peer-to-Peer Networks for Providing more Privacy and Security Ehsan Saboori and Shahriar Mohammadi Abstract One of the most important issues in peer-to-peer networks is anonymity.
More informationA Security Review of an Anonymous Peer-to-Peer File Transfer Protocol
A Security Review of an Anonymous Peer-to-Peer File Transfer Protocol Bryan Lipinski, Patrick MacAlpine [lipinski,patmac]@rice.edu Abstract This paper examines the overall security of AP3 [2] (Anonymous
More informationAnalysis of an Anonymity Network for Web Browsing
Analysis of an Anonymity Network for Web Browsing Marc Rennhard, Sandro Rafaeli, Laurent Mathy, Bernhard Plattner and David Hutchison Swiss Federal Institute of Technology, Computer Engineering and Networks
More informationThe dangers of composing anonymous channels
The dangers of composing anonymous channels George Danezis 1 and Emilia Käsper 2 1 Microsoft Research 2 Google gdane@microsoft.com, ekasper@google.com Abstract. We present traffic analyses of two anonymous
More informationPRIVACY IN VOIP NETWORKS
PRIVACY IN VOIP NETWORKS Anirban Maitra, Arun Kumar, Akshay Kumar Department of Electronics and Communication Engineering, Maharashi Dayanand University, Rohtak Abstract- Peer-to-peer VoIP (voice over
More informationTOR (The Onion Router)
TOR (The Onion Router) TOR (The Onion Router) is a free software implementation of second generation onion routing a system enabling its users to communicate anonymously on the Internet. Originally sponsored
More informationLocating Hidden Servers
Locating Hidden Servers Lasse Øverlier Norwegian Defence Research Establishment and Gjøvik University College lasse.overlier@{ffi,hig}.no Paul Syverson Naval Research Laboratory syverson@itd.nrl.navy.mil
More informationOn the Effectiveness of Traffic Analysis Against Anonymity Networks Using Flow Records
On the Effectiveness of Traffic Analysis Against Anonymity Networks Using Flow Records Sambuddho Chakravarty, Marco V. Barbera 2, Georgios Portokalidis 3, Michalis Polychronakis, and Angelos D. Keromytis
More informationImpact of Network Topology on Anonymity and Overhead in Low-Latency Anonymity Networks
Impact of Network Topology on Anonymity and Overhead in Low-Latency Anonymity Networks Claudia Diaz 1, Steven J. Murdoch 2, and Carmela Troncoso 1 1 K.U. Leuven/IBBT, ESAT/SCD-COSIC firstname.lastname@esat.kuleuven.be
More informationA Catechistic Method for Traffic Pattern Discovery in MANET
A Catechistic Method for Traffic Pattern Discovery in MANET R. Saranya 1, R. Santhosh 2 1 PG Scholar, Computer Science and Engineering, Karpagam University, Coimbatore. 2 Assistant Professor, Computer
More informationActive Timing Based Approach for Tracking Anonymous Peer-to-peer Network in VoIP
International Journal of Soft Computing and Engineering (IJSCE) Active Timing Based Approach for Tracking Anonymous Peer-to-peer Network in VoIP Karthikeyan.C, Karthikeyan.V, Jerin Sajeev.C.R, Merlin Moses.M
More informationPlanetSeer: Internet Path Failure Monitoring and Characterization in Wide-Area Services
PlanetSeer: Internet Path Failure Monitoring and Characterization in Wide-Area Services Ming Zhang, Chi Zhang Vivek Pai, Larry Peterson, Randy Wang Princeton University Motivation Routing anomalies are
More informationA Tune-up for Tor: Improving Security and Performance in the Tor Network
A Tune-up for Tor: Improving Security and Performance in the Tor Network Robin Snader Department of Computer Science University of Illinois at Urbana Champaign rsnader2@cs.uiuc.edu Nikita Borisov Department
More informationPrivacy-Implications of Performance-Based Peer Selection by Onion-Routers: A Real-World Case Study Using I2P
Privacy-Implications of Performance-Based Peer Selection by Onion-Routers: A Real-World Case Study Using I2P Michael Herrmann and Christian Grothoff Technische Universität München, Munich, Germany {herrmann,grothoff}@net.in.tum.de
More informationUsing traffic analysis to identify The Second Generation Onion Router
2011 Ninth IEEE/IFIP International Conference on Embedded and Ubiquitous Computing Using traffic analysis to identify The Second Generation Onion Router John Barker School of Computer and Security Science
More informationDDOS WALL: AN INTERNET SERVICE PROVIDER PROTECTOR
Journal homepage: www.mjret.in DDOS WALL: AN INTERNET SERVICE PROVIDER PROTECTOR Maharudra V. Phalke, Atul D. Khude,Ganesh T. Bodkhe, Sudam A. Chole Information Technology, PVPIT Bhavdhan Pune,India maharudra90@gmail.com,
More informationPrivacy Preserving of VoIP against Peer-to-Peer Network Attacks And Defense
Privacy Preserving of VoIP against Peer-to-Peer Network Attacks And Defense K. Bharathkumar 1, R. Premalatha Kanikannan 2, Dr.Rajeswari Mukesh 3,M. Kasiselvi 4,T. Kumanan 5. 1 PG Student, Department of
More informationPassive-Logging Attacks Against Anonymous Communications Systems
Passive-Logging Attacks Against Anonymous Communications Systems MATTHEW K. WRIGHT University of Texas at Arlington and MICAH ADLER and BRIAN NEIL LEVINE University of Massachusetts Amherst and CLAY SHIELDS
More informationEmpirical Tests of Anonymous Voice Over IP
Empirical Tests of Anonymous Voice Over IP Marc Liberatore b,, Bikas Gurung a, Brian Neil Levine b, Matthew Wright c, a Qualcomm, Inc. 5775 Morehouse Drive, San Diego, CA 92121 USA b Department of Computer
More informationPerformance Comparison of low-latency Anonymisation Services from a User Perspective
Performance Comparison of low-latency Anonymisation Services from a User Perspective Rolf Wendolsky Hannes Federrath Department of Business Informatics University of Regensburg 7th Workshop on Privacy
More informationSecurity Scheme for Distributed DoS in Mobile Ad Hoc Networks
Security Scheme for Distributed DoS in Mobile Ad Hoc Networks Sugata Sanyal 1, Ajith Abraham 2, Dhaval Gada 3, Rajat Gogri 3, Punit Rathod 3, Zalak Dedhia 3 and Nirali Mody 3 1 School of Technology and
More informationPlaying Server Hide and Seek. lasse.overlier@ffi.no http://www.syverson.org
Playing Server Hide and Seek Lasse Øverlier Norwegian Defence Research Establishment Paul Syverson Naval Research Laboratory lasse.overlier@ffi.no http://www.syverson.org Location Hidden Servers Alice
More informationMonitoring the I2P network
Monitoring the I2P network Juan Pablo Timpanaro, Isabelle Chrisment*, Olivier Festor INRIA Nancy-Grand Est, France *LORIA - ESIAL, Henri Poincaré University, Nancy 1, France Abstract. We present the first
More informationCompromising Anonymity Using Packet Spinning
Compromising Anonymity Using Packet Spinning Vasilis Pappas, Elias Athanasopoulos, Sotiris Ioannidis, and Evangelos P. Markatos Institute of Computer Science (ICS) Foundation for Research & Technology
More informationPassive-Logging Attacks Against Anonymous Communications Systems
Passive-Logging Attacks Against Anonymous Communications Systems MATTHEW K. WRIGHT University of Texas at Arlington MICAH ADLER and BRIAN NEIL LEVINE University of Massachusetts Amherst and CLAY SHIELDS
More informationCHAPTER 6 SECURE PACKET TRANSMISSION IN WIRELESS SENSOR NETWORKS USING DYNAMIC ROUTING TECHNIQUES
CHAPTER 6 SECURE PACKET TRANSMISSION IN WIRELESS SENSOR NETWORKS USING DYNAMIC ROUTING TECHNIQUES 6.1 Introduction The process of dispersive routing provides the required distribution of packets rather
More informationDenial of Service Attacks and Resilient Overlay Networks
Denial of Service Attacks and Resilient Overlay Networks Angelos D. Keromytis Network Security Lab Computer Science Department, Columbia University Motivation: Network Service Availability Motivation:
More informationTraceroute-Based Topology Inference without Network Coordinate Estimation
Traceroute-Based Topology Inference without Network Coordinate Estimation Xing Jin, Wanqing Tu Department of Computer Science and Engineering The Hong Kong University of Science and Technology Clear Water
More informationAN EFFICIENT POINT TO POINT COMMUNICATION PROTOCOL FOR MOBILE CLOUD COMPUTING
AN EFFICIENT POINT TO POINT COMMUNICATION PROTOCOL FOR MOBILE CLOUD COMPUTING Lavanya P J 1, Suresh P 2 1 PG Student, Dept of CSE, Sri Venkateshwara College of Engineering, lavanyachetana@gmail.com 2 Assistant
More informationWAN Optimization Integrated with Cisco Branch Office Routers Improves Application Performance and Lowers TCO
WAN Optimization Integrated with Cisco Branch Office Routers Improves Application Performance and Lowers TCO The number of branch-office work sites is increasing, so network administrators need tools to
More informationA Topology-Aware Relay Lookup Scheme for P2P VoIP System
Int. J. Communications, Network and System Sciences, 2010, 3, 119-125 doi:10.4236/ijcns.2010.32018 Published Online February 2010 (http://www.scirp.org/journal/ijcns/). A Topology-Aware Relay Lookup Scheme
More informationA Case Study on Measuring Statistical Data in the Tor Anonymity Network
A Case Study on Measuring Statistical Data in the Tor Anonymity Network Karsten Loesing 1,StevenJ.Murdoch 1,2, and Roger Dingledine 1 1 The Tor Project 2 Computer Laboratory, University of Cambridge, UK
More informationSECURE DATA TRANSMISSION USING INDISCRIMINATE DATA PATHS FOR STAGNANT DESTINATION IN MANET
SECURE DATA TRANSMISSION USING INDISCRIMINATE DATA PATHS FOR STAGNANT DESTINATION IN MANET MR. ARVIND P. PANDE 1, PROF. UTTAM A. PATIL 2, PROF. B.S PATIL 3 Dept. Of Electronics Textile and Engineering
More informationInternational Journal of Advanced Research in Computer Science and Software Engineering
Volume 2, Issue 9, September 2012 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com An Experimental
More informationManaging Incompleteness, Complexity and Scale in Big Data
Managing Incompleteness, Complexity and Scale in Big Data Nick Duffield Electrical and Computer Engineering Texas A&M University http://nickduffield.net/work Three Challenges for Big Data Complexity Problem:
More informationHyper Node Torus: A New Interconnection Network for High Speed Packet Processors
2011 International Symposium on Computer Networks and Distributed Systems (CNDS), February 23-24, 2011 Hyper Node Torus: A New Interconnection Network for High Speed Packet Processors Atefeh Khosravi,
More informationPerformance of networks containing both MaxNet and SumNet links
Performance of networks containing both MaxNet and SumNet links Lachlan L. H. Andrew and Bartek P. Wydrowski Abstract Both MaxNet and SumNet are distributed congestion control architectures suitable for
More informationDefending Against Traffic Analysis Attacks with Link Padding for Bursty Traffics
Proceedings of the 4 IEEE United States Military Academy, West Point, NY - June Defending Against Traffic Analysis Attacks with Link Padding for Bursty Traffics Wei Yan, Student Member, IEEE, and Edwin
More informationShining Light in Dark Places: Understanding the Tor Network
Shining Light in Dark Places: Understanding the Tor Network Damon McCoy 1, Kevin Bauer 1, Dirk Grunwald 1, Tadayoshi Kohno 2, and Douglas Sicker 1 1 Department of Computer Science, University of Colorado,
More informationHPAM: Hybrid Protocol for Application Level Multicast. Yeo Chai Kiat
HPAM: Hybrid Protocol for Application Level Multicast Yeo Chai Kiat Scope 1. Introduction 2. Hybrid Protocol for Application Level Multicast (HPAM) 3. Features of HPAM 4. Conclusion 1. Introduction Video
More informationMetrics for Security and Performance in Low-Latency Anonymity Systems
Metrics for Security and Performance in Low-Latency Anonymity Systems Steven J. Murdoch and Robert N. M. Watson Computer Laboratory, University of Cambridge, UK http://www.cl.cam.ac.uk/users/{sjm217,rnw24}
More informationSecurity and Privacy Issues in Wireless Ad Hoc, Mesh, and Sensor Networks
Advance in Electronic and Electric Engineering. ISSN 2231-1297, Volume 4, Number 4 (2014), pp. 381-388 Research India Publications http://www.ripublication.com/aeee.htm Security and Privacy Issues in Wireless
More informationPrivacy-Implications of Performance-Based Peer Selection by Onion-Routers: A Real-World Case Study using I2P
Privacy-Implications of Performance-Based Peer Selection by Onion-Routers: A Real-World Case Study using I2P Michael Herrmann and Christian Grothoff Technische Universität München, Munich, Germany {herrmann,grothoff@net.in.tum.de
More informationssumathy@vit.ac.in upendra_mcs2@yahoo.com
S. Sumathy 1 and B.Upendra Kumar 2 1 School of Computing Sciences, VIT University, Vellore-632 014, Tamilnadu, India ssumathy@vit.ac.in 2 School of Computing Sciences, VIT University, Vellore-632 014,
More informationChapter 4. VoIP Metric based Traffic Engineering to Support the Service Quality over the Internet (Inter-domain IP network)
Chapter 4 VoIP Metric based Traffic Engineering to Support the Service Quality over the Internet (Inter-domain IP network) 4.1 Introduction Traffic Engineering can be defined as a task of mapping traffic
More informationPrivacy-Implications of Performance-Based Peer Selection by Onion-Routers: A Real-World Case Study using I2P
Privacy-Implications of Performance-Based Peer Selection by Onion-Routers: A Real-World Case Study using I2P Michael Herrmann and Christian Grothoff Technische Universität München, Munich, Germany {herrmann,grothoff@net.in.tum.de
More informationTCP over Multi-hop Wireless Networks * Overview of Transmission Control Protocol / Internet Protocol (TCP/IP) Internet Protocol (IP)
TCP over Multi-hop Wireless Networks * Overview of Transmission Control Protocol / Internet Protocol (TCP/IP) *Slides adapted from a talk given by Nitin Vaidya. Wireless Computing and Network Systems Page
More informationStudent, Haryana Engineering College, Haryana, India 2 H.O.D (CSE), Haryana Engineering College, Haryana, India
Volume 5, Issue 6, June 2015 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com A New Protocol
More informationDovetail: Stronger Anonymity in Next-Generation Internet Routing
Dovetail: Stronger Anonymity in Next-Generation Internet Routing Jody Sankey and Matthew Wright University of Texas at Arlington jody@jsankey.com, mwright@uta.edu Abstract. Given current research initiatives
More informationSimulating a File-Sharing P2P Network
Simulating a File-Sharing P2P Network Mario T. Schlosser, Tyson E. Condie, and Sepandar D. Kamvar Department of Computer Science Stanford University, Stanford, CA 94305, USA Abstract. Assessing the performance
More informationRome: Performance and Anonymity using Route Meshes
Rome: Performance and Anonymity using Route Meshes Krishna P. N. Puttaswamy, Alessandra Sala, Omer Egecioglu, and Ben Y. Zhao Computer Science Department, University of California at Santa Barbara {krishnap,
More informationLecture Objectives. Lecture 07 Mobile Networks: TCP in Wireless Networks. Agenda. TCP Flow Control. Flow Control Can Limit Throughput (1)
Lecture Objectives Wireless and Mobile Systems Design Lecture 07 Mobile Networks: TCP in Wireless Networks Describe TCP s flow control mechanism Describe operation of TCP Reno and TCP Vegas, including
More informationExamining Proxies to Mitigate Pervasive Surveillance
Examining Proxies to Mitigate Pervasive Surveillance Eliot Lear Barbara Fraser Abstract The notion of pervasive surveillance assumes that it is possible for an attacker to have access to all links and
More informationMOR: Monitoring and Measurements through the Onion Router
MOR: Monitoring and Measurements through the Onion Router Demetris Antoniades 1, Evangelos P. Markatos 1, and Constantine Dovrolis 2 1 Institute of Computer Science Foundation for Research & Technology
More informationNetwork Architecture and Topology
1. Introduction 2. Fundamentals and design principles 3. Network architecture and topology 4. Network control and signalling 5. Network components 5.1 links 5.2 switches and routers 6. End systems 7. End-to-end
More informationCHAPTER 6. VOICE COMMUNICATION OVER HYBRID MANETs
CHAPTER 6 VOICE COMMUNICATION OVER HYBRID MANETs Multimedia real-time session services such as voice and videoconferencing with Quality of Service support is challenging task on Mobile Ad hoc Network (MANETs).
More informationInternational Journal of Advanced Research in Computer Science and Software Engineering
Volume 3, Issue 1, January 2013 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Analysis of
More information(Un)Suitability of Anonymous Communication Systems to WSN
R. Rios, and J. Lopez, (Un)Suitability of Anonymous Communication Systems to WSN, IEEE Systems Journal, vol. 7, pp. 298-310, 2013. http://doi.org/10.1109/jsyst.2012.2221956 NICS Lab. Publications: https://www.nics.uma.es/publications
More informationQoS issues in Voice over IP
COMP9333 Advance Computer Networks Mini Conference QoS issues in Voice over IP Student ID: 3058224 Student ID: 3043237 Student ID: 3036281 Student ID: 3025715 QoS issues in Voice over IP Abstract: This
More informationAKAMAI WHITE PAPER. Delivering Dynamic Web Content in Cloud Computing Applications: HTTP resource download performance modelling
AKAMAI WHITE PAPER Delivering Dynamic Web Content in Cloud Computing Applications: HTTP resource download performance modelling Delivering Dynamic Web Content in Cloud Computing Applications 1 Overview
More informationQuality of Service and Denial of Service
Quality of Service and Denial of Service Stanislav Shalunov, Benjamin Teitelbaum ACM SIGCOMM RIPQOS Workshop, Karlsruhe, Germany, 2003-08-27 QoS Congestion Regulator Many factors might affect outcome of
More informationA Privacy Preserving of Composite Private/Public Key in Cloud Servers
A Privacy Preserving of Composite Private/Public Key in Cloud Servers O Sri Nagesh PhD Scholar, Department of CSE, Lingaya s University, Faridabad ABSTRACT Security is a term used to provide secrecy of
More information(MPLS) MultiProtocol Labling Switching. Software Engineering 4C03 Computer Network & Computer Security Dr. Kartik Krishnan Winter 2004.
(MPLS) MultiProtocol Labling Switching Software Engineering 4C03 Computer Network & Computer Security Dr. Kartik Krishnan Winter 2004 Final Copy Researcher: Paul Chan Student ID: 9914759 Last Revised:
More informationPacket Level Authentication Overview
Packet Level Authentication Overview Dmitrij Lagutin, Dmitrij.Lagutin@hiit.fi Helsinki Institute for Information Technology HIIT Aalto University School of Science and Technology Contents Introduction
More informationImproving the Performance of TCP Using Window Adjustment Procedure and Bandwidth Estimation
Improving the Performance of TCP Using Window Adjustment Procedure and Bandwidth Estimation R.Navaneethakrishnan Assistant Professor (SG) Bharathiyar College of Engineering and Technology, Karaikal, India.
More informationImproving Effective WAN Throughput for Large Data Flows By Peter Sevcik and Rebecca Wetzel November 2008
Improving Effective WAN Throughput for Large Data Flows By Peter Sevcik and Rebecca Wetzel November 2008 When you buy a broadband Wide Area Network (WAN) you want to put the entire bandwidth capacity to
More informationCatch Me If You Can: A Practical Framework to Evade Censorship in Information-Centric Networks
Catch Me If You Can: A Practical Framework to Evade Censorship in Information-Centric Networks Reza Tourani, Satyajayant (Jay) Misra, Joerg Kliewer, Scott Ortegel, Travis Mick Computer Science Department
More informationTraffic Analysis Attacks and Defenses in Low Latency Anonymous Communication. Sambuddho Chakravarty
Traffic Analysis Attacks and Defenses in Low Latency Anonymous Communication Sambuddho Chakravarty Submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy in the Graduate
More informationAn Efficient Load Balancing Technology in CDN
Issue 2, Volume 1, 2007 92 An Efficient Load Balancing Technology in CDN YUN BAI 1, BO JIA 2, JIXIANG ZHANG 3, QIANGGUO PU 1, NIKOS MASTORAKIS 4 1 College of Information and Electronic Engineering, University
More informationNetwork Security Workshop
Network Security Workshop Threat Pragmatics Fakrul (Pappu) Alam bdhub Limited fakrul@bdhub.com Targets Many sorts of targets: Network infrastructure Network services Application services User machines
More informationThe Disadvantages of Free MIX Routes and How to Overcome Them
The Disadvantages of Free MIX Routes and How to Overcome Them Oliver Berthold 1, Andreas Pfitzmann 1, and Ronny Standtke 2 1 Dresden University of Technology, Germany {ob2,pfitza}@inf.tu-dresden.de 2 Secunet,
More informationUsing Dust Clouds to Enhance Anonymous Communication
Using Dust Clouds to Enhance Anonymous Communication Richard Mortier 1, Anil Madhavapeddy 2, Theodore Hong 2, Derek Murray 2, and Malte Schwarzkopf 2 1 Horizon Digital Economy Research Sir Colin Campbell
More informationRouting in packet-switching networks
Routing in packet-switching networks Circuit switching vs. Packet switching Most of WANs based on circuit or packet switching Circuit switching designed for voice Resources dedicated to a particular call
More informationAircraft Network Design and Protection Against Traffic Analysis
Towards Efficient Traffic-analysis Resistant Anonymity Networks Stevens Le Blond 1 David Choffnes 2 Wenxuan Zhou 3 Peter Druschel 1 Hitesh Ballani 4 Paul Francis 1 1 MPI-SWS 2 Univ. of Washington/ 3 UIUC
More informationSafe and Private Data Sharing with Turtle: Friends Team-Up and Beat the System
Safe and Private Data Sharing with Turtle: Friends Team-Up and Beat the System Bogdan C. Popescu bpopescu@cs.vu.nl Bruno Crispo crispo@cs.vu.nl Andrew S. Tanenbaum ast@cs.vu.nl Abstract In this paper we
More informationEluding Carnivores: File Sharing with Strong Anonymity
Eluding Carnivores: File Sharing with Strong Anonymity Emin Gün Sirer, Sharad Goel, Mark Robson, Doǧan Engin Dept. of Computer Science, Cornell University August 1, 2004 Abstract Anonymity is increasingly
More informationDistributed Systems. 23. Content Delivery Networks (CDN) Paul Krzyzanowski. Rutgers University. Fall 2015
Distributed Systems 23. Content Delivery Networks (CDN) Paul Krzyzanowski Rutgers University Fall 2015 November 17, 2015 2014-2015 Paul Krzyzanowski 1 Motivation Serving web content from one location presents
More informationDenial of Service or Denial of Security?
Denial of Service or Denial of Security? How Attacks on Reliability can Compromise Anonymity ABSTRACT Nikita Borisov University of Illinois at Urbana-Champaign 1308 West Main St. Urbana, IL 61801 nikita@uiuc.edu
More informationHybrid Overlay Multicast Framework draft-irtf-sam-hybrid-overlay-framework-01.txt. John Buford, Avaya Labs Research
Hybrid Overlay Multicast Framework draft-irtf-sam-hybrid-overlay-framework-01.txt John Buford, Avaya Labs Research Topics SAM Charter Recap and Problem Statement AMT(Automatic Multicast Tunneling) Overview
More informationThe Quality of Internet Service: AT&T s Global IP Network Performance Measurements
The Quality of Internet Service: AT&T s Global IP Network Performance Measurements In today's economy, corporations need to make the most of opportunities made possible by the Internet, while managing
More informationI2P - The Invisible Internet Project
Felipe Astolfi fastolfi@gmail.com I2P - The Invisible Internet Project Jelger Kroese jelgerkroese@gmail.com Jeroen van Oorschot post@jeroenvanoorschot.nl ABSTRACT I2P is an open source Internet technology
More informationThe Coremelt Attack. Ahren Studer and Adrian Perrig. We ve Come to Rely on the Internet
The Coremelt Attack Ahren Studer and Adrian Perrig 1 We ve Come to Rely on the Internet Critical for businesses Up to date market information for trading Access to online stores One minute down time =
More informationCMPT 471 Networking II
CMPT 471 Networking II Firewalls Janice Regan, 2006-2013 1 Security When is a computer secure When the data and software on the computer are available on demand only to those people who should have access
More informationWhite Paper. avaya.com 1. Table of Contents. Starting Points
White Paper Session Initiation Protocol Trunking - enabling new collaboration and helping keep the network safe with an Enterprise Session Border Controller Table of Contents Executive Summary...1 Starting
More informationAn Active Packet can be classified as
Mobile Agents for Active Network Management By Rumeel Kazi and Patricia Morreale Stevens Institute of Technology Contact: rkazi,pat@ati.stevens-tech.edu Abstract-Traditionally, network management systems
More informationTraffic Analysis. Scott E. Coull RedJack, LLC. Silver Spring, MD USA. Side-channel attack, information theory, cryptanalysis, covert channel analysis
Traffic Analysis Scott E. Coull RedJack, LLC. Silver Spring, MD USA Related Concepts and Keywords Side-channel attack, information theory, cryptanalysis, covert channel analysis Definition Traffic analysis
More informationA Survey on Tor and I2P
A Survey on Tor and I2P Bernd Conrad and Fatemeh Shirazi Department of Computer Science, TU Darmstadt Darmstadt, Germany Email: {bconrad,fshirazi}@cdc.informatik.tu-darmstadt.de Abstract This paper gives
More informationNetwork Management, Performance Characteristics, and Commercial Terms Policy. (1) mispot's Terms of Service (TOS), viewable at mispot.net.
Network Management, Performance Characteristics, and Commercial Terms Policy Consistent with FCC regulations 1, Agri-Valley Broadband, Inc., d/b/a mispot (mispot) provides this information about our broadband
More informationWAVE: Popularity-based and Collaborative In-network Caching for Content-Oriented Networks
WAVE: Popularity-based and Collaborative In-network Caching for Content-Oriented Networks K. D. Cho et al., IEEE INFOCOM 2012 Workshop, pp. 316-321, March 2012. January 17, 2013 Byeong-Gi Kim Park Laboratory,
More informationThe Attack to Alice S Attorneys' Models
Practical Traffic Analysis: Extending and Resisting Statistical Disclosure Nick Mathewson and Roger Dingledine The Free Haven Project {nickm,arma}@freehaven.net Abstract. We extend earlier research on
More informationSecurity issues in Voice over IP: A Review
www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242 Volume 3 Issue 2 February, 2014 Page No. 3879-3883 Security issues in Voice over IP: A Review Rajni a, Preeti a, Ritu
More informationCHAPTER 1 INTRODUCTION
21 CHAPTER 1 INTRODUCTION 1.1 PREAMBLE Wireless ad-hoc network is an autonomous system of wireless nodes connected by wireless links. Wireless ad-hoc network provides a communication over the shared wireless
More informationPrivacy Vulnerabilities in Encrypted HTTP Streams
University of Massachusetts - Amherst ScholarWorks@UMass Amherst Computer Science Department Faculty Publication Series Computer Science 2005 Privacy Vulnerabilities in Encrypted HTTP Streams George Dean
More informationOctopus: Anonymous and Secure DHT Lookup
Octopus: Anonymous and Secure DHT Lookup Abstract Distributed Hash Table (DHT) lookup is a core technique in structured peer-to-peer (P2P) networks. Its decentralized nature introduces security and privacy
More informationMarch 2005. PGP White Paper. Transport Layer Security (TLS) & Encryption: Complementary Security Tools
March 2005 PGP White Paper Transport Layer Security (TLS) & Encryption: Complementary Security Tools PGP White Paper TLS & Encryption 1 Table of Contents INTRODUCTION... 2 HISTORY OF TRANSPORT LAYER SECURITY...
More informationA Lightweight Secure SIP Model for End-to-End Communication
A Lightweight Secure SIP Model for End-to-End Communication Weirong Jiang Research Institute of Information Technology, Tsinghua University, Beijing, 100084, P.R.China jwr2000@mails.tsinghua.edu.cn Abstract
More informationCHAPTER 8 CONCLUSION AND FUTURE ENHANCEMENTS
137 CHAPTER 8 CONCLUSION AND FUTURE ENHANCEMENTS 8.1 CONCLUSION In this thesis, efficient schemes have been designed and analyzed to control congestion and distribute the load in the routing process of
More information