Journal on Communications ›› 2019, Vol. 40 ›› Issue (10): 55-66. doi: 10.11959/j.issn.1000-436x.2019155
Hui ZHAO, Liangmin WANG
Revised: 2019-06-06
Online: 2019-10-25
Published: 2019-11-07
Hui ZHAO, Liangmin WANG. Hybrid anonymous channel for recipient untraceability via SDN-based node obfuscation scheme[J]. Journal on Communications, 2019, 40(10): 55-66.
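Step | Description |
a1 | Bob requests from the controller an SDN anonymous channel to Bobo |
a2 | Bob builds a Tor circuit to the introduction point |
b1 | Alice builds a Tor circuit to the TDS, then queries and downloads the connection information of Bob's obfuscation node |
b2 | Alice builds a Tor circuit to the hidden directory server, then queries and downloads the introduction point information |
c1 | Alice builds a Tor circuit to Bobo |
c2 | Alice builds a Tor circuit to Bobo; at the same time, Alice builds a Tor circuit to a rendezvous node, asks that node to act as her rendezvous node, and receives a reply |
d1 | Alice connects to Bobo through the Tor circuit and sends the first half of the DH handshake and an access request for Bob; Bobo relays the message to Bob |
d2 | Alice connects to the introduction point through the Tor circuit and sends the first half of the DH handshake, the rendezvous point information, and an access request for Bob; the introduction point relays the message to Bob |
e1 | Bobo relays the message from Alice in step d1 to Bob through the SDN anonymous channel |
e2 | The introduction point relays the message from Alice in step d2 to Bob through the Tor circuit |
f1 | Bob sends the reply and the other half of the DH handshake to Bobo through the SDN anonymous channel; Bobo relays the message to Alice |
f2 | Bob sends the reply to the introduction point through the Tor circuit; the introduction point relays it to Alice |
g1 | Bobo relays the message from Bob in step f1 to Alice through the Tor circuit; at this point Alice and Bob have completed the handshake |
g2 | The introduction point relays Bob's reply message to Alice through the Tor circuit; after receiving it, Alice tears down the Tor circuit between herself and the introduction point |
h1 | Alice and Bob exchange data through Bobo |
h2 | Bob builds a Tor circuit to the rendezvous point and sends the other half of the DH handshake, which the rendezvous point relays to Alice; Alice and Bob complete the handshake |
i2 | Alice and Bob exchange data through the rendezvous point |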
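
The two step sequences in the table carry the DH handshake halves over different relays. The following added example (not code from the paper or its authors) relays both halves along each sequence and records which relay forwards which half; the toy DH group, the names `path1`/`path2` and all function names are assumptions of this sketch.

```python
import hashlib
import secrets

# Toy DH group (assumption, illustration only): 2**127 - 1 is prime but far too small for real use.
P, G = 2**127 - 1, 3

# Relay path of each DH half, read off the step table: (step, relay, channel).
PATHS = {
    "path1": {  # steps with suffix 1: everything passes through Bobo
        "alice_half": [("d1", "Bobo", "Tor circuit"), ("e1", "Bobo", "SDN anonymous channel")],
        "bob_half": [("f1", "Bobo", "SDN anonymous channel"), ("g1", "Bobo", "Tor circuit")],
    },
    "path2": {  # steps with suffix 2: introduction point out, rendezvous point back
        "alice_half": [("d2", "introduction point", "Tor circuit"),
                       ("e2", "introduction point", "Tor circuit")],
        "bob_half": [("h2", "rendezvous point", "Tor circuit")],
    },
}

def keypair():
    """Return (private exponent, public DH half)."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def derive(priv, peer_pub):
    """Hash the DH shared secret into a session key."""
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(16, "big")).hexdigest()

def run_handshake(path):
    """Relay both DH halves along `path`; return Alice's key, Bob's key and each relay's view."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    view = {}  # relay -> {which half: public value it forwarded}
    for half, value in (("alice_half", a_pub), ("bob_half", b_pub)):
        for _step, relay, _channel in PATHS[path][half]:
            view.setdefault(relay, {})[half] = value  # relays forward the value unchanged
    return derive(a_priv, b_pub), derive(b_priv, a_pub), view
```

On `path1` Bobo forwards both handshake halves, while on `path2` the introduction point forwards only Alice's half and the rendezvous point only Bob's; in both cases the relays handle public values only and the session key is derived at the endpoints.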