Abstract
In this paper, we address attacks that exploit the
timing behavior of TCP and other protocols and applications in low-latency
anonymity networks. Mixes have been used in many anonymous communication
systems and are supposed to provide countermeasures to defeat traffic analysis
attacks. In this paper, we focus on a particular class of traffic analysis
attacks, flow correlation attacks, by which an adversary attempts to analyze the
network traffic and correlate the traffic of a flow over an input link with
that over an output link. Two classes of correlation methods are considered,
namely time-domain methods and frequency-domain methods. Based on our threat
model and known strategies in existing mix networks, we perform extensive
experiments to analyze the performance of mixes. We find that all but a few
batching strategies fail against flow-correlation attacks, allowing the
adversary to either identify ingress and egress points of a flow or to
reconstruct the path used by the flow. Counter intuitively, some batching
strategies are actually detrimental against attacks. The empirical results
provided in this paper give an indication to designers of Mix networks about
appropriate configurations and mechanisms to be used to counter
flow-correlation attacks
Existing System:
In Existing System, the anonymity of a system can be
passively attacked by an observer in two ways, either through inspection of
payload or headers of the exchanged data packets, or, when encryption is used,
through traffic analysis. Sufficiently effective encryption can be used to
prevent packet content inspection, giving prevalence to the second form of
attack. Traffic analysis is typically countered by the use of intermediary
nodes, whose role is to perturb the traffic flow and thus confuse an external
observer.
Proposed System:
In Proposed System, we focus on a particular class of
traffic analysis attacks, flow correlation attacks, by which an adversary
attempts to analyze the network traffic and correlate the traffic of a flow
over an input link with that over an output link. Two classes of correlation
methods are considered, namely time-domain methods and frequency-domain methods.
This paper focuses on the quantitative evaluation of mix performance. We focus
our analysis on a particular type of attack, which we call the flow-correlation
attack. In general, flow-correlation attacks attempt to reduce the anonymity degree
by estimating the path of flows through the mix network. Flow correlation
analyzes the traffic on a set of links (observation points) inside the network
and estimates the likelihood for each link to be on the path of the flow under
consideration. An adversary analyzes the network traffic with the intention of
identifying which of several output ports a flow at an input port of a mix is taking.
We avoid unwanted packets hacking problem.
System Requirements:
SOFTWARE REQUIREMENTS
n
Language
: Java, swing
n Back End Tool: SQL SERVER 2000
n
Operating
System: Windows 98 and more.
HARDWARE REQUIREMENTS
n
Processor
: Intel Pentium III Processor
n
Random
Memory: 128MB
n
Hard
Disk :20GB
No comments:
Post a Comment