TY - GEN
T1 - Analyzing an adaptive reputation metric for anonymity systems
AU - Das, Anupam
AU - Borisov, Nikita
AU - Caesar, Matthew
PY - 2014
Y1 - 2014
AB - Low-latency anonymity systems such as Tor rely on intermediate relays to forward user traffic; these relays, however, are often unreliable, resulting in a degraded user experience. Worse yet, malicious relays may introduce deliberate failures in a strategic manner in order to increase their chance of compromising anonymity. In this paper we propose using a reputation metric that can profile the reliability of relays in an anonymity system based on users' past experience. The two main challenges in building a reputation-based system for an anonymity system are: first, malicious participants can strategically oscillate between good and malicious nature to evade detection, and second, an observed failure in an anonymous communication cannot be uniquely attributed to a single relay. Our proposed framework addresses the former challenge by using a proportional-integral-derivative (PID) controller-based reputation metric that ensures malicious relays adopting time-varying strategic behavior obtain low reputation scores over time, and the latter by introducing a filtering scheme based on the evaluated reputation score to effectively discard relays mounting attacks. We collect data from the live Tor network and perform simulations to validate the proposed reputation-based filtering scheme. We show that an attacker does not gain any significant benefit by performing deliberate failures in the presence of the proposed reputation framework.
KW - Anonymity
KW - PID controller
KW - Reputation model
KW - Tor network
UR - http://www.scopus.com/inward/record.url?scp=84906818187&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84906818187&partnerID=8YFLogxK
U2 - 10.1145/2600176.2600187
DO - 10.1145/2600176.2600187
M3 - Conference contribution
AN - SCOPUS:84906818187
SN - 9781450329071
T3 - ACM International Conference Proceeding Series
BT - Proceedings of the 2014 Symposium and Bootcamp on the Science of Security, HotSoS 2014
PB - Association for Computing Machinery
T2 - 2014 Symposium and Bootcamp on the Science of Security, HotSoS 2014
Y2 - 8 April 2014 through 9 April 2014
ER -