Abstract
In this paper, we address the problem of defending against entry-exit linking attacks in Tor, a popular anonymous communication system. We formalize the problem as a repeated non-cooperative game between the defender and the adversary (i.e., the controller of the compromised Tor nodes used to carry out entry-exit linking attacks). Given Tor's current path selection algorithm, we derive an optimal attack strategy for the adversary according to its utility function, followed by an optimal defensive strategy against this attack. We then repeat this interaction three additional times, leading to three design principles, namely stratified path selection, bandwidth order selection, and adaptive exit selection. We further develop gPath, a path selection algorithm that integrates all three principles to significantly reduce the success probability of linking attacks. Using a combination of theoretical analysis and experimental studies on real-world Tor data, we demonstrate the superiority of our algorithm over the existing ones.
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhang, N., Yu, W., Fu, X., Das, S.K. (2010). gPath: A Game-Theoretic Path Selection Algorithm to Protect Tor’s Anonymity. In: Alpcan, T., Buttyán, L., Baras, J.S. (eds) Decision and Game Theory for Security. GameSec 2010. Lecture Notes in Computer Science, vol 6442. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17197-0_4
DOI: https://doi.org/10.1007/978-3-642-17197-0_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-17196-3
Online ISBN: 978-3-642-17197-0
eBook Packages: Computer Science, Computer Science (R0)