A Systematic Review of Network Flow Watermarking In Anonymity Systems

Tianbo Lu,Rui Guo,Lingling Zhao,Yang Li 보안공학연구지원센터 2016 International Journal of Security and Its Applicat Vol.10 No.3

With the rapid development of internet technology, the connection between man and internet is closer and closer. When people is communicating with others through internet, some malicious intruders may want to eavesdrop or peep the communicators. In order to evade being watching, people use anonymous communication systems to communicate. The anonymity system can encrypt the content of communication and the identity of the communicators. But if the communicators want to know who is talking to them at the other end, they must correlate the outgoing and incoming flows to identify a host or a person. As an active traffic analysis approach, network flow watermarking technology can detect the correlation of flows, and then make the anonymous communicators accountable. While network flow watermarking technology achieves good detecting rate and low false positive rate, it could be an effective way to trace the communication connections and supervise anonymous communication. So it is a widely used way for tracing in anonymity systems. In this paper, we introduce some different schemes of network flow watermarking in anonymity systems and discuss some attacks against it. Finally, a conclusion will be given.

Security Model for Sensitive Information Systems and Its Applications in Sensor Networks

Tianbo Lu,Xiaobo Guo,Lingling Zhao,Yang Li,Peng Lin,Binxing Fang 보안공학연구지원센터 2015 International Journal of Security and Its Applicat Vol.9 No.5

The study of security models for sensitive information systems has been taken on for years, but still lag far away behind the progress of information security practice. During this century, the thought of seeking the system security to the source of system development lifecycle received huge improvement in the system and software assurance domain. This paper firstly expounds the understanding of information security by illustrating information security study development progress since pre-computer age and presents a description of cyberspace and cyberization security by summarizing the status quo of cyberization. Then a security model called PDRL, which includes six core security attributes of sensitive information systems, is proposed to protect the security of sensitive information systems in the whole system life-cycle. At last, this paper probes into further discussion about controllability attribute and proposes a controllability model in sensitive sensor networks, followed by a probability computing formula and the example for computing the controllability of sensitive sensor networks. By dividing each single element of sensitive information and each element-related operation into a corresponding classification, this paper makes a reasonable description of the quantitative description about controllability.

Towards a Comprehensive Analysis of Crowds Anonymity System

Tianbo Lu,Xinyuan Zhang,Xiaofeng Du,Yang Li 보안공학연구지원센터 2016 International Journal of Security and Its Applicat Vol.10 No.7

There is an increasing command for anonymity in network. Crowds[1] is an popular anonymity system proposed by Michael K. Reiter and Aviel D. Rubin which main idea behind it is hiding users’ identities by routing their packets randomly within a group of similar users. Crowds can provides sender anonymity and also has an advantage that the computation load of relay nodes is very small but it does not protect the identity of the receiver. This paper presents an overview on Crowds and introduces the development of Crowds from the following aspects: anonymity analysis, application especially the application in P2P and the performance. We summarize the work about anonymity analysis based on Crowds and divide them into receiver analysis, probabilistic behavior, attack and anonymity proof. Crowds is high efficient but it can’t resist the global attack, therefore, to meet the needs of the different levels of anonymity, there is a vast body of anonymity literature concerned with anonymity analysis, for example, Crowds can’t provide receiver anonymity but receiver anonymity is important in many cases, so many work extending the Crowds system from sender anonymity only to sender and receiver anonymity. In addition to the analysis, we also summarize the applications of Crowds. Undoubtedly, it is widely used in P2P. We also give an overlook of the performance of Crowds.

Towards a Framework for Assuring Cyber Physical System Security

Tianbo Lu,Jinyang Zhao,Lingling Zhao,Yang Li,Xiaoyan Zhang 보안공학연구지원센터 2015 International Journal of Security and Its Applicat Vol.9 No.3

Today, cyber physical systems (CPS) are becoming popular in power networks, healthcare devices, transportation networks, industrial process and infrastructures. As cyber physical systems are used more and more extensively and thoroughly, security of cyber physical systems has become the utmost important concern in system design, implementation and research. Many kinds of attacks arise (e.g. the Stuxnet worm), causing heavy losses and serious potential security risks. For the past few years, researchers are focusing their researches on different aspects of security of cyber physical systems. In this paper, we propose a security framework assuring the security of cyber physical systems and analyze main universities and institutes studying CPS security and their relations in three levels: CPS security objectives, CPS security approaches and security in specific CPS applications. Finally, a conclusion of this article is given.

F-Crowds : An Anonymity Scheme for P2P File-Sharing

Tianbo Lu,Xinyuan Zhang,Xiaofeng Du,Yang Li 보안공학연구지원센터 2016 International Journal of Security and Its Applicat Vol.10 No.6

The traditional encryption methods pay more attention to the confidentiality of the message content, but ignore the protection of identity information to the communicating parties. By encrypting, the contents of the communication acquired by attackers became relatively difficult, but they can still found the identity information of the two sides to communicate easily because in the TCP / IP protocol, the sender and receiver of the message are exposed. The anonymity communication technology, is used to solve this problem. The first anonymity communication technology can date back to 1981, Chaum proposed MIX [1] which is a very important technology for reference by a number of researchers of anonymity communication. The rapid development of the Internet has made things convenience to people, but also led to more personal information exposed to the public. As a result, a growing number of areas that required anonymity communication technology to protect the user's privacy. P2P file-sharing is not exception. P2P is undoubtedly the most popular way for file-sharing, but popular P2P file-sharing protocols, such as BitTorrent, can’t provide users anonymity communication service. Many people choose to build upon existing anonymous communication tools, such as Tor, to achieve anonymous P2P file transfer, but Tor primarily provides anonymous service for web browsing, instant message or other low latency applications. A large number of P2P file traffic will seriously threaten the service of Tor. Therefore, the anonymity communication service specifically for P2P file sharing system is very important. In this paper, we presents an anonymity communication scheme specifically for P2P file-sharing networks called F-Crowds which based on Crowds [2] to provide an adjustable anonymity service for P2P file-sharing.

NSDA : A Novel Node Selecting Optimal Algorithm Based on Dijkstra

Tianbo Lu,Jiao Zhang,Lingling Zhao,Yang Li,Xiaoyan Zhang 보안공학연구지원센터 2016 International Journal of Future Generation Communi Vol.9 No.6

This paper first represent the basic conceptions of anonymous communication, then introduce the fundamentals in Anonymous Communication. Afterwards, we went deep to the classification of anonymous network topological, therefore we could get a better understanding on P2P anonymous communication system. We also systematically analyzes the existing node-select algorithms. Furthermore, we propose and implement a new node selection algorithm based on Dijkstra algorithm, named NSDA algorithm. We give a belief description about the backgrounds and design of NSDA Algorithm. The algorithm can combine the node properties with link properties to select node, which can adjust the system performancing and anonymity. In order to evaluate the NSDA algorithm, we have done experiments in Network Simulator 3, and we also explain the reason why we choose Network Simulator 3 as the simulate tool. In the end, we analyze the characteristics of NSDA algorithm according to the results of experiments.

Towards Attacks and Defenses of Anonymous Communication Systems

Tianbo Lu,Puxin Yao1,Lingling Zhao,Yang Li,Feng Xie,Yamei Xia 보안공학연구지원센터 2015 International Journal of Security and Its Applicat Vol.9 No.1

Anonymous communication system has been hot topic in the field of information security, and attack techniques against anonymous systems are endless. This paper first classifies and summarizes the study of attacks against anonymous communication system in recent years, then analyzes the trend of the research on different attack technologies; secondly, it provides a comparative analysis of defense capability the mainstream anonymous communication system to the various attacks; Finally, combining the advantages and disadvantages of different systems, the authors propose an improved node selection and router forwarding algorithms for anonymous communication systems, and design an architecture of anonymous communications software based on the algorithm.

Towards an Analysis of Passive Attacks on Anonymous Communication Systems

Tianbo Lu,Pan Gao,Lingling Zhao,Yang Li,Wan Jiang Han 보안공학연구지원센터 2016 International Journal of Security and Its Applicat Vol.10 No.8

A Framework for Analyzing Anonymous Network Topology

Tianbo Lu,Shixian Du,Yang Li,Peiyuan Dong,Xiaoyan Zhang 보안공학연구지원센터 2015 International Journal of Future Generation Communi Vol.8 No.4

Nowadays, Internet privacy becomes more and more important and sensitive, and has been one of the latest buzz words to hit the Internet world. In response to protect the privacy of Internet users, a variety of privacy enhancing technologies (PETs) have emerged. As one of privacy enhancing technologies, anonymous communication has been extensively studied from various aspects by researchers. Node churn is frequent in anonymous network, which make it difficult to maintain a stable network topology, therefore it is necessary to get more insight into the overall anonymous network topology. In this work, in order to better grasp the present situation of research, we investigate existing organizations and universities which study anonymous communication from the perspective of network topology, and related projects. Then we survey related papers to anonymous communication published in recent years, which focus on the analysis of node selection (especially in the Tor). In addition, we present a framework of anonymous communication network topology, and a visual illustration of this analysis that shows the progression of the research of network topology and node discovery in anonymous communication. Finally, some related problems and follow-up study are presented to be studied deeply in future.

Towards an Analysis of Verifiable Mix Network Properties

Tianbo Lu,Jiaxi Lin,Xiaofeng Du,Yang Li 보안공학연구지원센터 2016 International Journal of Future Generation Communi Vol.9 No.7

With the development of mix-net, the basic properties of mix-net cannot satisfy all the requirements of people. The verifiable mix-net raised in response to the proper time and conditions. In this paper, we study the problem of simultaneously achieving several security properties, for mix-nets and verifiability mix-nets. More precisely, under different assumptions and requirements, verifiability mix-nets have more extra security properties than mix-nets. The basic properties of mix-nets contain correctness, privacy, robustness, availability and efficient. The extra properties of verifiability mix-nets contain universal verifiability, unconditional anonymous, receipt-freeness. This paper summarizes all of the security properties, and defines them explicitly and systematically.