دفاع در برابر حمله سطحی پروتکل در شبکه Tor
Abstract
1- Introduction
2- Related wor
3- Proposed methodology
4- Results and discussion
5- Conclusion
References
Abstract
Among different types of network, Tor network is mostly referred as an onion-routing network which enables the anonymous communication and supports TCP applications over the network. The onion-routing is utilized by the Tor network for transmitting the information of users via virtual circuits which are created by several successive relays. The performance and security of the anonymous communication in Tor network have been improved by using Novel Traffic Dividing and Scheduling (NTDS) mechanism. Normally, this mechanism was used for preventing the basic versions of sniper attacks in the Tor network. On the other hand, protocol-level attacks were not possible to prevent since some malicious entry router may duplicate, alter, insert or delete the TCP stream cells from the sender. This may cause cell recognition errors at the exit router and these cell recognition errors were recognized at the destination which helps to identify the sender. Hence, in this article, a defense mechanism called Mid-DRRQ is proposed for protocol-level attacks against Tor network. In Mid-DRRQ mechanism, the protocol-level attacks are prevented by using indistinguishability obfuscation model which generates the fake traffic within the middle relay. This fake traffic is allowed on outgoing connections without any cover traffic. Moreover, the outgoing connections of middle relays are controlled by using Deficit Round Robin queuing process. Finally, the simulation results show that the proposed mechanism effectively prevents the protocol-level attacks against Tor network.
Introduction
The most necessity area on the network is an anonymous communication which appears ultimately within accomplish as a common commercial exploitation of Onion Routing [1]. Tor network is defined as the operational network for many decades and consists of nearly two thousand nodes and few hundred thousand users [2]. It is developed from Onion Router as open software for providing available online anonymity. The onion routing is referred as the levels of encryption where the original information is encrypted by using the destination information at many times and this information are transmitted through the virtual circuits consisting of several Tor relays. The relay node is used for decrypting the level of encrypted information and offering the encrypted information to the successive relay nodes in the circuit for decryption process. In Tor network, the original information is sent without denoting the destination information. It is used for different applications however various attacks have been detected in Tor network due to its growth of deployment [3,4]. The performance and anonymous communication in the Tor network was improved by Novel Traffic Dividing and Scheduling (NTDS) mechanism [5]. By using this mechanism, the traffic was divided according to the different metrics like throughput, delay, bandwidth capacity, and congestion level. The separated traffic was distributed over the each circuit. The basic versions of the sniper attacks were detected and prevented by using NTDS method. However, it was impossible to defend the protocol-level attacks in the Tor network which are also degrades the anonymity performance.