Modeling Entropy in Onion Routing Networks

Slides:

Advertisements

Similar presentations

Randomness Conductors Expander Graphs Randomness Extractors Condensers Universal Hash Functions

Advertisements

A Formal Analysis of Onion Routing 10/26/2007 Aaron Johnson (Yale) with Joan Feigenbaum (Yale) Paul Syverson (NRL)

Costas Busch Louisiana State University CCW08. Becomes an issue when designing algorithms The output of the algorithms may affect the energy efficiency.

Definition of the Anonymity of Mix Network Runs Andrei Serjantov University of Cambridge Computer Laboratory.

LASTor: A Low-Latency AS-Aware Tor Client

Self-Organized Anonymous Authentication in Mobile Ad Hoc Networks Julien Freudiger, Maxim Raya and Jean-Pierre Hubaux SECURECOMM, 2009.

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.

Trust-based Anonymous Communication: Models and Routing Algorithms Aaron Johnson Paul Syverson Roger Dingledine Nick Mathewson U.S. Naval Research Laboratory.

Balázs Sziklai Selfish Routing in Non-cooperative Networks.

A Probabilistic Model for Road Selection in Mobile Maps Thomas C. van Dijk Jan-Henrik Haunert W2GIS, 5 April 2013.

Message Splitting Against the Partial Adversary Andrei Serjantov The Free Haven Project (UK) Steven J Murdoch University of Cambridge Computer Laboratory.

Slicing the Onion: Anonymous Routing without PKI Saurabh Shrivastava CS 259

Cashmere: Resilient Anonymous Routing CS290F March 7, 2005.

Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.

Modelling and Analysing of Security Protocol: Lecture 9 Anonymous Protocols: Theory.

1 Lecture 24: Interconnection Networks Topics: communication latency, centralized and decentralized switches (Sections 8.1 – 8.5)

P-Grid Presentation by Thierry Lopez P-Grid: A Self-organizing Structured P2P System Karl Aberer, Philippe Cudré-Mauroux, Anwitaman Datta, Zoran Despotovic,

Towards an Analysis of Onion Routing Security Syverson, Tsudik, Reed, and Landwehr PET 2000 Presented by: Adam Lee 1/26/2006 Syverson, Tsudik, Reed, and.

Preventing Active Timing Attacks in Low- Latency Anonymous Communication The 10 th Privacy Enhancing Technologies Symposium July 2010 Joan Feigenbaum Yale.

Toward Prevention of Traffic Analysis Fengfeng Tu 11/26/01.

On the Anonymity of Anonymity Systems Andrei Serjantov (anonymous)

A Tale of Research: From Crowds to Deeper Understandings Matthew Wright Jan. 25, : Adv. Network Security.

Freenet: A Distributed Anonymous Information Storage and Retrieval System Presenter: Chris Grier ECE 598nb Spring 2006.

User Cooperation via Rateless Coding Mahyar Shirvanimoghaddam, Yonghui Li, and Branka Vucetic The University of Sydney, Australia IEEE GLOBECOM 2012 &

Gergely Tóth, 5 November Nordsec 2004, Helsinki, Finland, 4-5 November 2004 Measuring Anonymity Revisited Gergely Tóth Zoltán Hornák Ferenc Vajda.

1 Anonymity and Covert Channels in Simple, Timed Mix-firewalls Richard E. Newman --- UF Vipan R. Nalla -- UF Ira S. Moskowitz --- NRL

Online Social Networks and Media

Preserving Location Privacy in Wireless LANs Jiang, Wang and Hu MobiSys 2007 Presenter: Bibudh Lahiri.

Mixminion: Design of a Type III Anonymous R er Protocol George Danezis Roger Dingledine Nick Mathewson Presented By Michael LeMay.

1 - CS7701 – Fall 2004 Review of: Detecting Network Intrusions via Sampling: A Game Theoretic Approach Paper by: – Murali Kodialam (Bell Labs) – T.V. Lakshman.

Gergely Tóth, 23 September IWCIT’03, Gliwice, Poland, September 2003 Measure for Anonymity Gergely Tóth Budapest University of Technology and.

CIAR Summer School Tutorial Lecture 1b Sigmoid Belief Nets Geoffrey Hinton.

Ways to reduce the risks of Crowds and further study of web anonymity By: Manasi N Pradhan.

Mix networks with restricted routes PET 2003 Mix Networks with Restricted Routes George Danezis University of Cambridge Computer Laboratory Privacy Enhancing.

Optimization Problems in Wireless Coding Networks Alex Sprintson Computer Engineering Group Department of Electrical and Computer Engineering.

Anonymous communication over social networks Shishir Nagaraja and Ross Anderson Security Group Computer Laboratory.

Modified Onion Routing GYANRANJAN HAZARIKA AND KARAN MIRANI.

Distributed, Self-stabilizing Placement of Replicated Resources in Emerging Networks Bong-Jun Ko, Dan Rubenstein Presented by Jason Waddle.

Making the Neutral Traffic Matrix More Meaningful Joseph Choi.

CSC2535 Lecture 5 Sigmoid Belief Nets

CS 6401 Intra-domain Routing Outline Introduction to Routing Distance Vector Algorithm.

A New Class of Mobility Models for Ad Hoc Wireless Networks Rahul Amin Advisor: Dr. Carl Baum Clemson University SURE 2006.

ENTROPY Entropy measures the uncertainty in a random experiment. Let X be a discrete random variable with range S X = { 1,2,3,... k} and pmf p k = P X.

1 Anonymity. 2 Overview  What is anonymity?  Why should anyone care about anonymity?  Relationship with security and in particular identification 

Modified Onion Routing GYANRANJAN HAZARIKA AND KARAN MIRANI.

PROJECT DOMAIN : NETWORK SECURITY Project Members : M.Ananda Vadivelan & E.Kalaivanan Department of Computer Science.

Modified Onion Routing and its Proof of Concept By: Gyanranjan Hazarika.

William Stallings Data and Computer Communications

Delay-Tolerant Networks (DTNs)

Computer Architecture and Assembly Language

Lecture 23: Interconnection Networks

Anonymity Metrics R. Newman.

---On the ‘Vuvuzela’ Scheme

Distributed Energy Efficient Clustering (DEEC) Routing Protocol

Towards Measuring Anonymity

An Introduction to Privacy and Anonymous Communication

0x1A Great Papers in Computer Security

Anonymity in Structured Peer-to-Peer Networks

Free-route Mixes vs. Cascades

Centralities (4) Ralucca Gera,

Communication operations

Intradomain Routing Outline Introduction to Routing

Alex Guy packets (stars) tor routers users web servers (squares)

Katz Centrality (directed graphs).

<month year> <doc.: IEEE doc> January 2013

Anonymity and Covert Channels in Simple, Timed Mix-firewalls

Computer Architecture and Assembly Language

Theory of Information Lecture 13

Anonymity – Generalizing Mixes

Contributors: Connor McCoy

Presentation transcript:

Modeling Entropy in Onion Routing Networks Danish Lakhani Anthony Giardullo

Overview Global Passive Attacker With Some Compromised Nodes Want a measure of how much anonymity the network provides

Measuring Anonymity

Anonymous Communication Model Towards an Information Theoretic Metric for Anonymity [Serjantov, Danezis ’02] A set of all users  in the system r  R {sender, recipient} is a role for the user w.r.t. a message M U : attacker’s a-priori probability distribution of the users u   having the role r w.r.t. message M s.t.

Entropy (as a measure of anonymity) An effective (anonymous) set size S of an r anonymity probability distribution U is equal to the entropy of the distribution: where pu = U(u,r) S could be thought of as the number of additional bits of information needed by the attacker to completely identify the user u with role r for a message M if S = 0, the communication channel is completely compromised if S = log2||, the communication channel provides perfect R anonymity

Entropy of Mix Systems 1 1 S = 1.58496 Mix (= Entropy for the Simple case: Onion Length = 1,  = 3 S = 1.58496 Mix (= Entropy for the Uniform Distrib. n = 3) pGood = 1 pGood = 1 1 Mix S = 0 (= No anonymity because of lack of mixing) pBad = (1-pGood) = 1 Attacker’s information

PRISM Condition  Action Condition  prob : Action prob : Action …

Problems with PRISM No Arrays/Data Structures Each rule can only have a constant number of transitions Sometimes difficult to parameterize

Extend PRISM language Added array indexing Added For Loops to create many rules Created PRISM files with tens of thousands of lines of code

Our First Model Fully connected network Messages entering good nodes could be sent to every other node with equal probability Messages entering bad nodes are sent to a single next node

Better Model Model random network traffic Assume nodes “mix” traffic Generate random multi-graph model

Parameters Probability a node is compromised Total # messages (paths) in network Minimum length of a path Maximum length of a path Total # users Total # mix-nodes Random seed

Limitations Tried to minimize the number of reachable states in PRISM for our model PRISM could only handle up to around 100 nodes with 100 messages

Extending the Model Calculate entropy of the system given a maximum and minimum length for all message paths. Improved our modeled attacker’s knowledge Could not improve as much as we wanted to using PRISM

Example