基于SDN节点淆乱机制的接收方不可追踪的混合匿名通道

doi:10.11959/j.issn.1000-436x.2019155

摘要/Abstract

摘要：

针对以Tor为代表的匿名通信系统在时延和下载时间方面的用户体验不够理想的问题，利用新一代软件定义网络带来的优势，面向接收方不可追踪，设计了新的匿名解决方案。提出使用 SDN 域内淆乱的方法，构建基于Tor和SDN的混合匿名通道，提供发送方和接收方匿名，拓展了Tor匿名通道的纵深，有效降低了攻击者对匿名路径的追踪率。实验结果表明，相比Tor，所提方案在增加15%时延的代价下，可提供相当于2条Tor电路的抗追踪能力。

关键词: 匿名通信, 软件定义网络, 混合通道, 淆乱节点

Abstract:

Leveraging the advantages of software defined networking (SDN),a new anonymous communication solution was de-signed for recipient untraceability.An obfuscation scheme in SDN domain was proposed to build a hybrid anonymous channel to solve the problem of large and highly variable delays and download time when using existing anonymous com-munication system such as Tor.The hybrid anonymous channel concatenated two sender anonymous channels in Tor and SDN to provide both sender and receiver anonymity.Adversaries can trace smaller portions of the path in hybrid channel.Experimental results show that the hybrid channel is as anonymous as two connected Tor circuits,with only a small larger latency (15%) compared with Tor.

Key words: anonymous communication, SDN, hybrid channel, obfuscated node

中图分类号:

TP393

赵蕙, 王良民. 基于SDN节点淆乱机制的接收方不可追踪的混合匿名通道[J]. 通信学报, 2019, 40(10): 55-66.

Hui ZHAO, Liangmin WANG. Hybrid anonymous channel for recipient untraceability via SDN-based node obfuscation scheme[J]. Journal on Communications, 2019, 40(10): 55-66.

图/表 16

表1

图1

图2

表2

图3

图4

图5

图6

表3

图7

图8

图9

表4

图11

图10

图12

参考文献 39

[1]	ALSABAH M , GOLDBERG I . Performance and security improvements for Tor:a survey[J]. ACM Computing Surveys, 2016,49(2): 1-36.
[2]	DINGLEDINE R , MATHEWSON N , SYVERSON P . Tor:the second-generation onion router[C]// The 13th USENIX Security Symposium. USENIX, 2004: 1-18.
[3]	BOYAN J . The anonymizer:protecting user privacy on the Web[J]. Computer-Mediated Communication, 1997,4(9): 1-6.
[4]	HERRMANN M , GROTHOFF C . Privacy-implications of performance-based peer selection by onion-routers:a real-world case study using I2P[C]// International Symposium on Privacy Enhancing Technologies Symposium. Springer, 2011: 155-174.
[5]	BERTHOLD O , FEDERRATH H , K?PSELL ，et al. Web MIXes:a system for anonymous and unobservable Internet access[C]// International Workshop on Designing Privacy Enhancing Technologies:Design Issues in Anonymity and Unobservability. Springer, 2000: 115-129.
[6]	CLARKE I , SANDBERG O , WILEY B . Freenet:a distributed anonymous information storage and retrieval system[C]// International Workshop on Designing Privacy Enhancing Technologies:Design Issues in Anonymity and Unobservability. Springer, 2000: 44-66.
[7]	LING Z , LUO J , WU K . TorWard:discovery,blocking,and traceback of malicious traffic over tor[J]. IEEE Transactions on Information Forensics and Security, 2015,10(12): 2515-2530.
[8]	RAYMOND J F , . Traffic analysis:protocols,attacks,design issues,and open problems[M]// Designing Privacy Enhancing Technologies. Berlin Heidelberg:Springer, 2001: 10-29.
[9]	WANG T , GOLDBERG I . On realistically attacking tor with website fingerprinting[J]. Proceedings on Privacy Enhancing Technologies, 2016(4): 21-36.
[10]	BIRYUKOV A , KHOVRATOVICH D , PUSTOGAROV I . Deanonymisation of clients in Bitcoin P2P network[C]// ACM SIGSAC Conference on Computer and Communications Security. ACM, 2014: 15-29.
[11]	黄韬, 刘江, 张晨 ,等. 基于 SDN 的网络试验床综述[J]. 通信学报, 2018,39(6): 155-168.
	HUANG T , LIU J , ZHANG C ，et al Survey on SDN-based network testbeds[J]. Journal on Communications, 2018,39(6): 155-168.
[12]	CHAUM D L . Untraceable electronic mail,return addresses and digital pseudonyms[J]. Communication of the ACM, 1981,24(2): 84-88.
[13]	EDMAN M , YENE R ， BüLEN T . On anonymity in an electronic society:a survey of anonymous communication systems[J]. ACM Computing Surveys, 2009,42(1): 1-35.
[14]	KELLY D , RAINES R , BALDWIN R ,et al. Exploring extant and emerging issues in anonymous networks:a taxonomy and survey of protocols and metrics[J]. IEEE Communications Surveys ＆ Tutorials, 2012,14(2): 579-606.
[15]	KWON A , LAZAR D , DEVADAS S . Riffle:an efficient communication system with strong anonymity[J]. Proceedings on Privacy Enhancing Technologies, 2016(2): 115-134.
[16]	LEBLOND S , CHOFFNES D , ZHOU W . Towards efficient traffic analysis resistant anonymity networks[J]. ACM SIGCOMM Computer Communication Review, 2013,43(4): 303-314.
[17]	BLOND S L , CHOFFNES D , CALDWELL W . Herd:a scalable,traffic analysis resistant anonymity network for VoIP systems[C]// The 2015 ACM Conference. ACM, 2015: 639-652.
[18]	CHEN C . Infrastructure-based anonymous communication protocols in future internet architectures[D]. Pittsburgh:Carnegie Mellon University, 2018.
[19]	SANKEY J , WRIGHT M . Dovetail:stronger anonymity in next generation internet routing[C]// International Symposium on Privacy Enhancing Technologies Symposium. Springer, 2014: 283-303.
[20]	CHEN C , ASONI D E , BARRERA D . HORNET:high-speed onion routing at the network layer[C]// The 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, 2015: 1441-1454.
[21]	CHEN C , PERRIG A . PHI:path-hidden lightweight anonymity protocol at network layer[J]. Proceedings on Privacy Enhancing Technologies, 2017(1): 1-18.
[22]	CHEN C , DANIELE E , DANEZIS G . TARANET:traffic analysis resistant anonymity at the network layer[C]// IEEE European Symposium on Security and Privacy. IEEE, 2018: 137-152.
[23]	王啸, 方滨兴, 刘培朋 ,等. Tor匿名通信网络节点家族的测量与分析[J]. 通信学报, 2015,36(2): 80-87.
	WANG X , FANG B X , LIU P P ,et al. Measuring and analyzing node families in the Tor anonymous communication network[J]. Journal on Communications, 2015,36(2): 80-87.
[24]	BAUER K , MCCOY D , GRUNWALD D ,et al. Low-resource routing attacks against tor[C]// Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society. ACM, 2007: 11-20.
[25]	潘吴斌, 程光, 郭晓军 ,等. 网络加密流量识别研究综述及展望[J]. 通信学报, 2016,37(9): 154-167.
	PAN W B , CHENG G , GUO X J ,et al. Review and perspective on encrypted traffic identification research[J]. Journal on Communications, 2016,37(9): 154-167.
[26]	CHAKRAVARTY S , BARBERA M V , PORTOKALIDIS G . On the effectiveness of traffic analysis against anonymity networks using flow records[C]// International Conference on Passive and Active Network Measurement. Springer, 2014: 247-257.
[27]	LING Z , LUO J , YU W ,et al. Protocol-level attacks against Tor[J]. Computer Networks, 2013,57(4): 869-886.
[28]	KWON A , ALSABAH M , LAZAR D . Circuit fingerprinting attacks:passive deanonymization of tor hidden services[C]// USENIX Conference on Security Symposium. USENIX Association, 2015: 287-302.
[29]	ZHU T , FENG D , WANG F . Efficient anonymous communication in sdn-based data center networks[J]. IEEE/ACM Transactions on Networking, 2017,25(6): 3767-3780.
[30]	MEIER R , GUGELMANN D , VANBEVER L . iTAP:in-network traffic analysis prevention using software-defined networks[C]// The Symposium on SDN Research. ACM, 2017: 102-114.
[31]	TATLICIOGLU S , CIVANLAR S , GORKEMLI B . A security services platform for software defined networks[C]// IEEE Conference on Network Function Virtualization and Software Defined Networks. IEEE, 2016: 39-43.
[32]	JAFARIAN J H , AL-SHAER E , DUAN Q . OpenFlow random host mutation:transparent moving target defense using software defined networking[C]// ACM SIGCOMM Workshop on Hot Topics in Software Defined Networks. ACM, 2012: 127-132.
[33]	MACFARLAND D C , SHUE C A . The SDN shuffle:creating a moving-target defense using host-based software-defined networking[C]// The 2th ACM Workshop on Moving Target Defense. ACM, 2015: 37-41.
[34]	SKOWYRA R , BAUER K , DEDHIA V . No PHEAR:networks without identifiers[C]// The 3th ACM Workshop on Moving Target Defense. ACM, 2016: 3-14.
[35]	SILVA E G D , KNOB L A D , WICKBOLDT J A . Capitalizing on SDN-based SCADA systems:an anti-eavesdropping case-study[C]// IFIP/IEEE International Symposium on Integrated Network Management. IEEE, 2015: 165-173.
[36]	LING Z , LUO J , WU K . Protocol-level hidden server discovery[C]// The 32th IEEE International Conference on Computer Communications. IEEE, 2013: 1043-1051.
[37]	KONG J J , HONG X Y . ANODR:anonymous on demand routing with untraceable routes for mobile ad-hoc networks[C]// International Symposium on Mobile Ad Hoc Networking and Computing. ACM, 2003: 291-302.
[38]	SAKAI K , SUN M T , KU W S . Performance and security analyses of onion-based anonymous routing for delay tolerant networks[J]. IEEE Transactions on Mobile Computing, 2017,16(12): 3473-3487.
[39]	WIRTZ G , SANDMANN W , LOESING K . Performance measurements and statistics of tor hidden services[C]// International Symposium on Applications and the Internet. IEEE, 2008: 1-7.

典型工具	协议层位置	可拓展性	时延性	吞吐量	安全性	匿名性	部署规模
Mix-net	应用层	低	高	<100 kbit/s	强	抵制流量分析	区域部署
Tor/I2P	应用层	中	中	100 Mbit/s	中	按位不可关联	全球规模化部署
LAP/Dovetail	网络层	高	低	100 Gbit/s	弱	隐藏转发路径	尚未规模化部署

符号	定义
Alice	消息发送方节点
Bob	消息接收方节点
Bobo	接收方节点选择的淆乱节点
SC	SDN控制器
TDS	目标目录服务器
PK_X	节点X的公钥
SK_X	节点X的私钥
K_XY	节点X和Y共享的对称密钥
g^XY	Diffie-Hellman握手
{M}	混合通道中使用对称加密传输的消息

匿名属性	R₁∈C		R_r∈C		R₁∈C且R_r∈C
匿名属性	Tor	混合通道	Tor	混合通道	Tor	混合通道
发送方身份保护	8	8	9	9	8	8
发送方内容保护	9	9	9	9	8	9
接收方身份保护	9	9	8	9	8	9
接收方内容保护	9	9	8	9	8	9
通信关联性保护	9	9	9	9	8	9

步骤	说明
a₁	Bob向控制器申请到Bobo的SDN匿名通道
a₂	Bob建立到引入点的Tor电路
b₁	Alice建立到TDS的Tor电路，查询下载Bob淆乱节点连接信息
b₂	Alice建立到隐藏目录服务器的Tor电路，查询下载引入点信息
c₁	Alice建立到Bobo的Tor电路
c₂	Alice建立到Bobo的Tor电路；同时Alice向汇聚节点建立Tor电路，请求该节点做自己的汇聚节点并得到应答
d₁	Alice通过Tor电路连接到Bobo，发送DH握手的前半部分和向Bob的访问请求，由Bobo中继消息给Bob
d₂	Alice通过Tor电路连接到引入点，发送DH握手的前半部分，汇聚点信息和向Bob的访问请求，由引入节点中继消息给Bob
e₁	Bobo通过SDN匿名通道中继d1步骤中来自Alice的消息给Bob
e₂	引入点通过Tor电路中继d₂步骤中来自Alice的消息给Bob
f₁	Bob把应答和DH握手的另一半，通过SDN匿名通道发送给Bobo，由Bobo中继消息给Alice
f₂	Bob 把应答通过 Tor 电路发送给引入点，由引入点中继给Alice
g₁	Bobo通过Tor电路中继f₁步骤中来自Bob的消息给Alice，至此，Alice和Bob完成握手
g₂	引入点通过Tor电路向Alice中继Bob的应答消息，Alice收到后撤销与引入点之间的Tor电路
h₁	Alice和Bob通过Bobo进行数据通信
h₂	Bob向汇聚点建立Tor电路，发送DH握手的另一半，将汇聚点中继给Alice，Alice和Bob完成握手
i₂	Alice和Bob通过汇聚点进行数据通信