Stable internet routing without global coordination
IEEE/ACM Transactions on Networking (TON)
Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems
IHW '01 Proceedings of the 4th International Workshop on Information Hiding
Location diversity in anonymity networks
Proceedings of the 2004 ACM workshop on Privacy in the electronic society
SIGMETRICS '05 Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
How much anonymity does network latency leak?
Proceedings of the 14th ACM conference on Computer and communications security
As-awareness in Tor path selection
Proceedings of the 16th ACM conference on Computer and communications security
Proceedings of the 2009 ACM workshop on Cloud computing security
Fingerprinting websites using traffic analysis
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Sampled traffic analysis by internet-exchange-level adversaries
PET'07 Proceedings of the 7th international conference on Privacy enhancing technologies
Telex: anticensorship in the network infrastructure
SEC'11 Proceedings of the 20th USENIX conference on Security
Website fingerprinting in onion routing based anonymization networks
Proceedings of the 10th annual ACM workshop on Privacy in the electronic society
Cirripede: circumvention infrastructure using router redirection with plausible deniability
Proceedings of the 18th ACM conference on Computer and communications security
Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
Cover your ACKs: pitfalls of covert channel censorship circumvention
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Validating web content with senser
Proceedings of the 29th Annual Computer Security Applications Conference
Hi-index | 0.00 |
Decoy Routing is a new approach to Internet censorship circumvention that was recently and independently proposed at FOCI'11, USENIX Security'11 and CCS'11. Decoy routing aims to hamper nation-state level Internet censorship by having routers, rather than end hosts, relay traffic to blocked destinations. We analyze the security of these schemes against a routing capable adversary, a censoring authority that is willing to make routing decisions in response to decoy routing systems. We explore China, Syria, Iran, and Egypt as routing capable adversaries, and evaluate several attacks that defeat the security goals of existing decoy routing proposals. In particular, we show that a routing capable adversary can enumerate the participating routers implementing these protocols; can successfully avoid sending traffic along routes containing these routers with little or no adverse effects; can identify users of these schemes through active and passive attacks; and in some cases can probabilistically identify connections to targeted destinations.