IDEALS Home University of Illinois at Urbana-Champaign logo The Alma Mater The Main Quad

Protecting anonymity in the presence of autonomous system and internet exchange level adversaries

Show full item record

Bookmark or cite this item: http://hdl.handle.net/2142/34363

Files in this item

File Description Format
PDF Juen_Joshua.pdf (851KB) (no description provided) PDF
Title: Protecting anonymity in the presence of autonomous system and internet exchange level adversaries
Author(s): Juen, Joshua
Advisor(s): Borisov, Nikita
Department / Program: Electrical & Computer Eng
Discipline: Electrical & Computer Engr
Degree Granting Institution: University of Illinois at Urbana-Champaign
Degree: M.S.
Genre: Thesis
Subject(s): Anonymity Autonomous Overlay Networks Privacy Tor Networking
Abstract: This thesis analyzes the threat of autonomous system (AS) and Internet exchange (IX) level adversaries on Tor, currently the most widely deployed and used anonymity overlay network. Of particular interest is the possibility of a single AS or IX point observing both the path from the client to the entry node and the path from the exit node to the nal destination. Experimental results indicate that a non-trivial number of circuits are vulnerable to such compromise. A novel AS-level path prediction algorithm is developed in order to allow the client to choose paths without vulnerabilities. The path prediction algorithm sacri ces some accuracy in the top path prediction in order to decrease the hardware requirements necessary to predict AS-level paths and is simple enough to run on standard client hardware. We validate the accuracy of the path predictor rst compared to classical path prediction algorithms, then compared to traceroute data taken from Planet Lab. The simulator predicts paths with similar sets of ASes and links nding 90% of the actual ASes seen in the traceroute data. The e ects of choosing paths utilizing the new path predictions is then investigated to nd that load balancing is adversely a ected. The entropy loss due to the new path selection method is also investigated, speci cally the entropy of the client from an adversary observing the exit/destination path. We nd that choosing paths with our new path selection algorithm results in minimal entropy loss. Overall, the results demonstrate that the new path simulator is a lightweight solution to defend against AS and IX-level compromise of anonymous communication paths on the Internet and should be considered for deployment to maintain the privacy guarantees of such systems.
Issue Date: 2012-09-18
URI: http://hdl.handle.net/2142/34363
Rights Information: Copyright 2012 Joshua Paul Joseph Juen
Date Available in IDEALS: 2012-09-18
Date Deposited: 2012-08
 

This item appears in the following Collection(s)

Show full item record

Item Statistics

  • Total Downloads: 168
  • Downloads this Month: 9
  • Downloads Today: 0

Browse

My Account

Information

Access Key