Securing anonymous communication channels under the selective DoS attack

Anupam Das, Nikita Borisov

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Anonymous communication systems are subject to selective denial-of-service (DoS) attacks. Selective DoS attacks lower anonymity as they force paths to be rebuilt multiple times to ensure delivery, which increases the opportunity for more attack. We present a detection algorithm that filters out compromised communication channels for one of the most widely used anonymity networks, Tor. Our detection algorithm uses two levels of probing to filter out potentially compromised tunnels. We probabilistically analyze our detection algorithm and show its robustness against selective DoS attacks through simulation. We also analyze the overhead of our algorithm and show that we can achieve better security guarantee than the conventional Tor path selection algorithm, while adding only approximately 5% bandwidth overhead to the Tor network. Finally, we validate our design with experiments using the live Tor network.

Original languageEnglish (US)
Title of host publicationFinancial Cryptography and Data Security - 17th International Conference, FC 2013, Revised Selected Papers
Pages362-370
Number of pages9
DOIs
StatePublished - Sep 5 2013
Event17th International Conference on Financial Cryptography and Data Security, FC 2013 - Okinawa, Japan
Duration: Apr 1 2013Apr 5 2013

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume7859 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other17th International Conference on Financial Cryptography and Data Security, FC 2013
CountryJapan
CityOkinawa
Period4/1/134/5/13

Keywords

  • Anonymity
  • Tor network
  • denial of service (DoS) attack

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Securing anonymous communication channels under the selective DoS attack'. Together they form a unique fingerprint.

Cite this