Denial-of-Service Flooding Detection in Anonymity Networks Computer Networks & Communications Group Institute for IT-Security and Security Law University.

Presentation transcript:

1 Denial-of-Service Flooding Detection in Anonymity Networks
Computer Networks & Communications Group, Institute for IT-Security and Security Law, University of Passau, Germany
Performance Measurement and Management for Two-Level Optimization of Networks and Peer-to-Peer Applications (GR/S69009/01)
Network of Excellence: Design and Engineering of the Future Generation Internet (IST-028022)
Jens Oberender, Melanie Volkamer, Hermann de Meer
MonAM 2007, LAAS-CNRS, Toulouse, France, 5 November 2007

2 Attacks in Anonymity Networks
jens.oberender@uni-passau.de
- Chaum's Mixer
- A sender remains anonymous if an adversary obtains no evidence of the sender's identity
- How to protect receivers from anonymous flooding attacks?
  1. Enable traffic flow detection → DoS attack detection
  2. Prevent anonymity breach → protect sender identity
- Message Tagging
21.10.2015 DoS Flooding Detection in Anonymity Networks

3 Linkability Continuum
- Two messages are linkable by an adversary if evidence of their relation can be provided.
- Pseudonyms (−): the adversary links all messages → malicious profiling
- Unobservability (+): an observer cannot link any messages together
- Limited Linkability: restricted number of linkable messages; enables traffic flow clustering
[Figure: Message Linkability (None, Limited, Lifelong) plotted against #Messages per Profile, starting at 1]

4 Attacker Model
Security Objectives
1. Limited linkability
2. Linkability resistant to malicious influence
Adversaries
- Privacy Adversary: aim is to disclose sender anonymity; observes incoming tags; colludes with other DoS engines
- Message Flooding Attacker: aim is Denial-of-Service; exhausts victim resources
[Diagram: Anonymity Network, Access Control entity and Receivers, with the positions DoS Mitigation Adversary, Access Control Attacker and Access Control Adversary marked along the path]
Assumptions
- Anonymity Network unbroken
- Access Control Entity trusted by sender & receivers

5 Message Tagging
- Fast, local traffic flow cluster criteria
- Hash from characteristic strings (key derivation function)
- Values not comparable with fresh salt
- Linkability control
Tag properties
- Sender: differentiates senders
- Receiver: disables cross-server profiling
- Time Frame: disables lifelong linkability

6 Internal vs. External Tags
Anonymity attack using external tags
- Colluding parties learn anonymous paths
Proposed internal message tagging
- Tags reside within the encrypted channel

7 Clustering of Anonymous Traffic Flows
- Anonymous messages: header data stripped off, application-level analysis needed
- Message tags enable flow clustering
- Clusters of [Sender, …] at the detection engine
- Detection frames cluster partial message flows
- Arrival rate

8 Clustering of Time-based Tags
[Figure only]

9 Scalability Issues
- Clock skew in distributed systems: its misuse degrades linkability
Access control entity
- Counts messages per sender
- Logarithm effects on tag
Traffic flow classification
- Arrival rate per message tag
- Activity profiling
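The tagging and clustering scheme of slides 5 to 9 in working form. This is an added example and not code from the presentation or its authors; the slides fix neither the key derivation function nor the frame length, so HMAC-SHA256 under a secret held by the trusted access control entity stands in for the KDF (the secret plays the role of the "fresh salt" that makes tags from different deployments non-comparable), the time frame and detection frame are both assumed to be 60 seconds and aligned, and the message counting with its logarithm effect on the tag, as well as clock skew, are not modelled. The vantage point is the receiver's DoS engine after the encrypted channel has been opened, which is where an internal tag (slide 6) becomes visible; it sees only (arrival time, tag) pairs and never a sender identity. All traffic in `simulate()` is constructed.

```python
"""Message tagging and arrival-rate flooding detection (added example)."""
import hashlib
import hmac
from collections import defaultdict

# Assumption: one time frame (and one detection frame) is 60 seconds.
FRAME_SECONDS = 60

# Assumption: secret held by the trusted access control entity (ACE). Without it
# nobody can recompute a tag from a guessed sender, and tags derived under a
# different secret are not comparable, which is the "fresh salt" of slide 5.
ACE_SECRET = b"constructed demo secret, not for production"


def message_tag(sender: str, receiver: str, timestamp: float,
                secret: bytes = ACE_SECRET,
                frame_seconds: int = FRAME_SECONDS) -> str:
    """Derive a tag from the characteristic strings (sender, receiver, time frame).

    HMAC-SHA256 stands in for the KDF the slides leave open. Equal inputs give
    equal tags, so one sender's messages to one receiver inside one frame are
    linkable; a different receiver or a later frame changes the tag, which rules
    out cross-server profiling and lifelong linkability.
    """
    frame = int(timestamp) // frame_seconds
    material = b"\x00".join([sender.encode(), receiver.encode(), str(frame).encode()])
    # Truncated to 64 bits; shorter tags raise the collision rate (slide 10).
    return hmac.new(secret, material, hashlib.sha256).hexdigest()[:16]


def cluster_flows(arrivals, frame_seconds=FRAME_SECONDS):
    """Group (arrival_time, tag) pairs, which is all the receiver's DoS engine
    sees, into partial flows: one cluster per tag per detection frame."""
    clusters = defaultdict(list)
    for arrival_time, tag in arrivals:
        clusters[(int(arrival_time) // frame_seconds, tag)].append(arrival_time)
    return clusters


def flooding_tags(clusters, max_rate, frame_seconds=FRAME_SECONDS):
    """Return the tags whose arrival rate (messages per second over the frame)
    exceeds max_rate; everything below is treated as inoffensive traffic."""
    flagged = set()
    for (_frame, tag), times in clusters.items():
        if len(times) / frame_seconds > max_rate:
            flagged.add(tag)
    return flagged


def simulate(max_rate=1.0):
    """Constructed traffic towards one receiver inside a single frame: three
    senders with two messages each and one sender flooding 120 messages.
    Returns the flooder's tag, the number of clusters and the flagged tags."""
    receiver = "mail.example"
    arrivals = []
    for sender in ("alice", "bob", "carol"):
        for i in range(2):
            t = 5.0 + 20 * i                      # 5 s and 25 s, frame 0
            arrivals.append((t, message_tag(sender, receiver, t)))
    for i in range(120):
        t = 0.4 * i                               # 0.0 .. 47.6 s, frame 0
        arrivals.append((t, message_tag("flooder", receiver, t)))
    clusters = cluster_flows(arrivals)
    return {
        "flooder_tag": message_tag("flooder", receiver, 0.0),
        "clusters": len(clusters),
        "flagged": flooding_tags(clusters, max_rate),
    }


if __name__ == "__main__":
    result = simulate()
    print(f"{result['clusters']} partial flows, flagged tags: {result['flagged']}")
```

The engine flags the flooder's tag (120 messages in 60 s, above the 1 msg/s threshold) while the three senders with two messages each stay below it, and at no point does it learn which sender name produced a tag. The same sender addressing a second receiver, or sending again in the next frame, yields an unrelated tag, so the linkability a receiver gains is bounded by one frame and one receiver, as slide 5 requires.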

10 Sender Linkability
- Scales with message volume
- Depends on arrival rate towards each receiver
- Message tag collisions
- Flow splitting increases linkability
- Incentive mechanism: strategic players' goal is to maximize privacy; inoffensive communication is encouraged

11 Multiple Sender Identities
- Equivalent to DDoS
- No defense against attacks from different sender identities, but…
- Example: botnets
  - Anonymity for the attacker only
  - Proxy functionality
  - Yet these don't spy SMTP authentication
- Anonymity networks
  - No need to operate a botnet
  - Anonymous attacks using a real identity
  - Hard to detect without add-ons
  - Benefit the privacy of the broad public!

12 Conclusions
- Partial traffic flows: ability to detect anonymous DoS flooding attacks; state-of-the-art techniques applicable
- Sender anonymity maintained
- Sender privacy: defense against cross-server profiling; restricted amount of messages linkable
- Arrival rate ↔ linkability
Jens Oberender

