Denial of Service or Denial of Security? How Attacks on Reliability can Compromise Anonymity
نویسندگان
چکیده
We consider the effect attackers who disrupt anonymous communications have on the security of traditional highand low-latency anonymous communication systems, as well as on the Hydra-Onion and Cashmere systems that aim to offer reliable mixing, and Salsa, a peer-to-peer anonymous communication network. We show that denial of service (DoS) lowers anonymity as messages need to get retransmitted to be delivered, presenting more opportunities for attack. We uncover a fundamental limit on the security of mix networks, showing that they cannot tolerate a majority of nodes being malicious. Cashmere, Hydra-Onion, and Salsa security is also badly affected by DoS attackers. Our results are backed by probabilistic modeling and extensive simulations and are of direct applicability to deployed anonymity systems.
منابع مشابه
Detecting Denial of Service Message Flooding Attacks in SIP based Services
Increasing the popularity of SIP based services (VoIP, IPTV, IMS infrastructure) lead to concerns about its security. The main signaling protocol of next generation networks and VoIP systems is Session Initiation Protocol (SIP). Inherent vulnerabilities of SIP, misconfiguration of its related components and also its implementation deficiencies cause some security concerns in SIP based infra...
متن کاملHF-Blocker: Detection of Distributed Denial of Service Attacks Based On Botnets
Abstract—Today, botnets have become a serious threat to enterprise networks. By creation of network of bots, they launch several attacks, distributed denial of service attacks (DDoS) on networks is a sample of such attacks. Such attacks with the occupation of system resources, have proven to be an effective method of denying network services. Botnets that launch HTTP packet flood attacks agains...
متن کاملNeural Network Based Protection of Software Defined Network Controller against Distributed Denial of Service Attacks
Software Defined Network (SDN) is a new architecture for network management and its main concept is centralizing network management in the network control level that has an overview of the network and determines the forwarding rules for switches and routers (the data level). Although this centralized control is the main advantage of SDN, it is also a single point of failure. If this main contro...
متن کاملDenial-of-Service & Distributed Denial-of-Service on The Internet
Denial-of-Service and Distributed Denial-of-Service is costing the economy world-wide billions of dollars. The economy is the cornerstone of our society and its collapse will certainly change the way in which humanity exists today. The three main goals of computer security are availability, confidentiality and integrity. The focus of this paper is on attacks that compromise the availability of ...
متن کاملA Security Evaluation of the Salsa Anonymous Communication System
We evaluate a state of the art P2P anonymous communication system, Salsa. Salsa is based on a distributed hash table, and uses secure lookups to locate relays for anonymous communication. To analyze user anonymity in Salsa, we first build an analytic model for the lookup security in Salsa, and model its path building mechanism as a stochastic activity network in the Möbius framework. Next, we a...
متن کامل