Denial Of Service Flooding Detection In Anonymity Networks
MonAM Talk Slides
Presentation Transcript

  • MonAM 2007, LAAS-CNRS, Toulouse, France, 5 November 2007
    Denial-of-Service Flooding Detection in Anonymity Networks
    Jens Oberender, Melanie Volkamer, Hermann de Meer
    Computer Networks & Communications Group; Institute for IT-Security and Security Law; University of Passau, Germany
    Network of Excellence: Design and Engineering of the Future Generation Internet (IST-028022)
    Performance Measurement and Management for Two-Level Optimization of Networks and Peer-to-Peer Applications (GR/S69009/01)
  • Attacks in Anonymity Networks
    - Chaum's Mixer: a sender remains anonymous if an adversary catches no evidence on the sender identity.
    - Figure: DoS sender -> Gateway -> Anonymity Network -> Detection -> Receiver, shown across the Application, Transport, Network and Data Link layers.
    - How to protect receivers from anonymous flooding attacks?
      1. Enable traffic flow detection: DoS attack detection
      2. Prevent anonymity breach: protect the sender identity
    - Approach: Message Tagging
    07.11.2007 DoS Flooding Detection in Anonymity Networks 2
  • Linkability Continuum
    - Two messages are linkable by an adversary if evidence on their relation can be provided.
    - Figure: number of messages per profile from 1 to ∞, i.e. none, limited, or lifelong message linkability.
    - Pseudonyms: the adversary links all messages (malicious profiling).
    - Unobservability: an observer cannot link any messages together.
    - Limited linkability: a restricted number of linkable messages; enables traffic flow clustering.
  • Attacker Model
    - Assumptions: anonymity network unbroken; access control entity trusted.
    - Privacy adversary: aim is to disclose sender anonymity; observes incoming tags by sender and receivers; colludes with other DoS engines.
    - DoS adversary: aim is denial of service; exhausts victim resources.
    - Figure: message flooding attacker -> Anonymity Network -> Access Control (mitigation) -> Receiver.
    - Security objectives:
      1. Limited linkability
      2. Linkability resistant to malicious influence
  • Message Tagging
    - Fast, local traffic flow cluster criteria.
    - Hash from characteristic strings (key derivation function).
    - Values are not comparable once a fresh salt is used.
    - Linkability control through the tag properties:
      - Sender: differentiates senders
      - Receiver: disables cross-server profiling
      - Time frame: disables lifelong linkability
  • Internal vs. External Tags
    - Anonymity attack using external tags: observers collude to learn anonymous paths.
    - Proposed internal message tagging: h(SenderX, Receiver, ); tags reside within the encrypted channel.
  • Clustering of Anonymous Traffic Flows
    - Anonymous messages: header data is stripped off, so application-level analysis is needed.
    - Figure: message tag over time at the access control entity, regular use vs. flooding.
    - Message tags enable flow clustering: h(SenderX, Receiver, ) yields clusters of [Sender, , ] at the detection engine.
    - Detection frames cluster partial message flows; the arrival rate per cluster is the detection criterion.
  • Clustering of time-based Tags (figure only)
  • Scalability Issues
    - Clock skew in distributed systems: misuse degrades linkability.
    - The access control entity counts messages per sender (per message tag); figure: message count per tag, logarithmic effects on the tag.
    - Traffic flow classification: arrival rate per message tag; activity profiling.
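The tagging of slide 5, the clustering of slide 7 and the per-tag arrival-rate classification of slide 9, as an added worked example. This is not the authors' code: it assumes HMAC-SHA256 as the key derivation function, a public per-frame salt, a 60 s time frame, a flooding threshold of 1 message/s, and a constructed scenario with hypothetical names (ALICE, MALLORY, receiver.example). The access control entity sees only (tag, arrival time) pairs and never the sender identity.

```python
"""Message-tag based flooding detection (constructed example, not the slides' code)."""
import hashlib
import hmac
from collections import defaultdict

FRAME_SECONDS = 60.0   # assumed time-frame length; the slides give no value
RATE_THRESHOLD = 1.0   # assumed flooding threshold in messages per second per tag


def frame_of(timestamp, frame_seconds=FRAME_SECONDS):
    """Index of the time frame a message timestamp falls into."""
    return int(timestamp // frame_seconds)


def frame_salt(frame):
    """Public per-frame salt. A fresh salt makes tags of different frames
    incomparable (slide 5: 'values not comparable with fresh salt').
    Constructed: derived from the frame index so the example is deterministic."""
    return hashlib.sha256(b"frame-salt|" + str(frame).encode()).digest()


def message_tag(sender_secret, receiver, frame):
    """h(SenderX, Receiver, frame): a keyed derivation, so the tag separates
    senders without revealing them, changes per receiver (no cross-server
    profiling) and per time frame (no lifelong linkability)."""
    data = receiver.encode() + b"|" + str(frame).encode() + b"|" + frame_salt(frame)
    return hmac.new(sender_secret, data, hashlib.sha256).hexdigest()[:16]


def tag_messages(messages):
    """Inside the encrypted channel: (sender_secret, receiver, t) -> (tag, t).
    Only the tag and the arrival time leave the channel."""
    return [(message_tag(sec, rcv, frame_of(t)), t) for sec, rcv, t in messages]


def cluster_by_tag(tagged):
    """Access control entity: group arrival times by tag (partial traffic flows)."""
    clusters = defaultdict(list)
    for tag, t in tagged:
        clusters[tag].append(t)
    return dict(clusters)


def arrival_rates(tagged, detection_frame):
    """Messages per second for each tag within a detection frame of given length."""
    return {tag: len(ts) / detection_frame
            for tag, ts in cluster_by_tag(tagged).items()}


def flooding_tags(tagged, detection_frame, threshold=RATE_THRESHOLD):
    """Tags whose arrival rate exceeds the threshold: flagged clusters, not identities."""
    return {tag for tag, rate in arrival_rates(tagged, detection_frame).items()
            if rate > threshold}


# Constructed scenario: two senders, one receiver, one 60 s detection frame.
ALICE = b"alice-secret-key"        # hypothetical sender secret
MALLORY = b"mallory-secret-key"    # hypothetical flooding sender
RECEIVER = "receiver.example"      # hypothetical receiver


def build_scenario():
    msgs = [(ALICE, RECEIVER, 10.0 * i) for i in range(6)]        # 6 messages/min
    msgs += [(MALLORY, RECEIVER, 0.2 * i) for i in range(300)]    # 300 messages/min
    return msgs


def run_detection():
    """Tag the scenario inside the channel, then detect at the access control entity."""
    return flooding_tags(tag_messages(build_scenario()), FRAME_SECONDS)


if __name__ == "__main__":
    flagged = run_detection()
    print(f"{len(flagged)} flooding cluster(s): {sorted(flagged)}")
    a0 = message_tag(ALICE, RECEIVER, 0)
    print("same sender, next frame, tag differs:", a0 != message_tag(ALICE, RECEIVER, 1))
    print("same sender, other receiver, tag differs:",
          a0 != message_tag(ALICE, "other.example", 0))
```

Only Mallory's cluster (300 messages in 60 s, 5 messages/s) crosses the threshold; Alice's cluster stays at 0.1 messages/s. The two last checks show the linkability limits of slide 5: the same sender gets a different tag in the next frame and towards another receiver, so the entity can rate-limit a flow without profiling the sender across time or servers.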
  • Sender Linkability
    - Scales with message volume; depends on the arrival rate towards each receiver.
    - Message tag collisions; figure: DoS flooding seen at access control entity 1 and entity 2 with a detection offset over time.
    - Flow splitting increases linkability.
    - Incentive mechanism: strategic players aim to maximize privacy, so inoffensive communication is encouraged.
  • Multiple Sender Identities
    - Equivalent to DDoS: no defense against attacks from different sender identities, but...
    - Example BotNets: anonymity for the attacker only; proxy functionality; yet these don't spy; SMTP authentication.
    - Anonymity networks: no need to operate a BotNet; anonymous attacks using the real identity; hard to detect without add-ons; benefit the privacy of the broad public!
  • Conclusions
    - Ability to detect anonymous DoS flooding attacks: partial traffic flows; state-of-the-art techniques applicable.
    - Sender anonymity maintained: sender privacy; defense against cross-server profiling; restricted amount of messages linkable.
    - Figure: arrival rate vs. linkability.
    Jens Oberender <jens.oberender@uni-passau.de>