计算机科学

计算机科学 ›› 2025, Vol. 52 ›› Issue (3): 391-399.doi: 10.11896/jsjkx.240100151

• 信息安全 • 上一篇    下一篇

基于相似性感知的Tor网络路径选择算法

隋嘉祺1, 扈红超1,2, 史鑫2, 周大成2, 陈尚煜2   

  1. 1 郑州大学网络空间安全学院 郑州 450001
    2 信息工程大学信息技术研究所 郑州 450001
  • 收稿日期:2024-01-19 修回日期:2024-10-25 出版日期:2025-03-15 发布日期:2025-03-07
  • 通讯作者: 扈红超(1725059086@qq.com)
  • 作者简介:(bearsui5@163.com)
  • 基金资助:
    国家自然科学基金区域创新发展联合基金(U22A2001);国家自然科学基金(62072467)

Tor Network Path Selection Algorithm Based on Similarity Perception

SUI Jiaqi1, HU Hongchao1,2, SHI Xin2, ZHOU Dacheng2, CHEN Shangyu2   

  1. 1 School of Cyber Science and Engineering,Zhengzhou University,Zhengzhou 450001,China
    2 Institute of Information Technology,University of Information Engineering,Zhengzhou 450001,China
  • Received:2024-01-19 Revised:2024-10-25 Online:2025-03-15 Published:2025-03-07
  • About author:SUI Jiaqi,born in 2000,postgraduate.His main research interests include cyber security and anonymous communication.
    HU Hongchao,born in 1982,professor,Ph.D supervisor.His main research interests include cloud computing security and cyber security.
  • Supported by:
    Regional Innovation and Development Joint Fundof the National Natural Science Foundation of China(U22A2001) and National Natural Science Foundation of China(62072467).

PDF (PC)

172

摘要: 由于Tor低门槛的搭建条件和开放的参与机制,攻击者可以通过控制大量的恶意Sybil节点对Tor网络发起Sybil攻击,从而对用户隐私造成严重的威胁。目前,针对Sybil攻击的防御方法中,一类通过识别恶意Sybil节点来进行防御,该类方法存在对节点之间相似性分析缺乏准确性、难以识别恶意节点针对性伪装等问题;另一类通过提升Tor路径选择算法的安全性来进行防御,该类方法存在路径选择算法难以同时满足安全性和性能的双重要求、不能抵御多种Sybil攻击等问题。为了弥补现有防御方法自身存在的脆弱性问题,提出将恶意节点识别方法和路径选择算法综合应用。首先,从多个数据源采集中继节点的信息,并对多源数据进行验证、过滤和融合,提升数据层面的安全性;其次,通过基于历史数据的带宽度量优化,一定程度上增大了对带宽长期稳定的可靠节点的选择倾向,增加了攻击者部署恶意Sybil节点的成本;然后,优化中继节点相似性评估方法,提出一种基于聚合相似性得分的最近邻排序算法,提高节点相似性分析的准确性;最后,将优化后的相似性评估方法融入路径选择算法的设计中,提出一种基于相似性感知的路径选择算法。实验结果表明,该算法不仅在抵御多种Sybil攻击时表现出更好的防御效果,而且确保了链路的性能需求得到满足。

关键词: 匿名通信, Tor, Sybil攻击, 路径选择算法

Abstract: Due to the low threshold construction conditions and open participation mechanism of Tor,attackers can conduct Sybil assaults on Tor networks by controlling a significant number of malicious Sybil nodes,posing a serious threat to user privacy.One class ofmethod defenses by identifying malicious nodes.This class of security suffers from a lack of accuracy in evaluating node similarities and challenges in recognizing malicious nodes that have targeted concealment.The other class protects by strengthening the security of the Tor path selection algorithm,which has issues such as being unable to withstand repeated Sybil attacks and finding it challenging to satisfy the needs of both performance and security.To make up for the vulnerability problem of the existing defense methods themselves,it is proposed to apply the malicious node identification methods and path selection algorithms comprehensively.First,the information of relay nodes is collected from multiple data sources,and the data from multiple sources are verified,filtered,and fused to improve the security at the data level.Second,the selection tendency of dependable nodes with long-term bandwidth stability is somewhat increased by the optimization of bandwidth measurements based on historical data,increasing the cost of deploying malicious Sybil nodes for attackers.Then,the relay node similarity assessment method is optimized,and a nearest-neighbor sorting algorithm based on aggregated similarity scores is proposed to improve the accuracy of the node similarity analysis.Finally,the optimized similarity assessment method is integrated into the path selection algorithm design,and a path selection algorithm based on similarity perception is proposed.Experimental results show that the algorithm not only shows better defense effect against multiple Sybil attacks,but also ensures that the performance requirements of the link are met.

Key words: Anonymous communication, Tor, Sybil attack, Path selection algorithm

中图分类号: 

  • TP393.08
[1]KARUNANAYAKE I,AHMED N,MALANEY R,et al.De-anonymisation Attacks on Tor:A Survey[J].IEEE Communications Surveys & Tutorials,2021,23(4):2324-2350.
[2]NASR M,BAHRAMALI A,HOUMANSADR A.Deepcorr:Strong flow correlation attacks on tor using deep learning[C]//Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security.2018:1962-1976.
[3]KOHLS K,JANSEN K,RUPPRECHT D,et al.On the Challenges of Geographical Avoidance for Tor[C]//NDSS.2019.
[4]SUN Y X,EDMUNDSON A,VANBEVER L,et al.RAPTOR:Routing attacks on privacy in Tor[C]//24th USENIX Security Symposium(USENIX Security 15).2015:271-286.
[5]RIMMER V,PREUVENEERS D,JUAREZ M,et al.Automated website fingerprinting through deep learning[J].arXiv:1708.06376,2017.
[6]SIRINAM P,IMANI M,JUAREZ M,et al.Deep fingerprinting:Undermining website fingerprinting defenses with deep learning[C]//Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security.2018:1928-1943.
[7]LI S,GUO H J,HOPPER N.Measuring information leakage in website fingerprinting attacks and defenses[C]//Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security.2018:1977-1992.
[8]WINTER P,ENSAFI R,LOESING K,et al.Identifying andcharacterizing Sybils in the Tor network[C]//25th USENIX Security Symposium(USENIX Security 16).2016:1169-1185.
[9]ZHANG W Y.Research and Implementation of Tor Network path selection strategy against sybil attacks[D].Beijing:Beijing University of Posts and Telecommunications,2020.
[10]FENG Q,XIA Y M,YAO W B,et al.Malicious Relay Detection for Tor Network Using Hybrid Multi-Scale CNN-LSTM with Attention[C]//2023 IEEE Symposium on Computers and Communications(ISCC).IEEE,2023:1242-1247.
[11]JOHNSON A,JANSEN R,JAGGARD A D,et al.Avoiding the man on the wire:Improving Tor’s security with trust-aware path selection[J].arXiv:1511.05453,2017.
[12]LV M,ZHU Y F,LIN W.Dynamic Routing Algorithm Based on Bandwidth of Anonymous Network[J].Journal of Information Engineering University,2019,20(5):591-596.
[13]HANLEY H,SUN Y X,WAGH S,et al.DPSelect:A Differential Privacy Based Guard Relay Selection Algorithm for Tor[J].Proceedings on Privacy Enhancing Technologies,2019,2:166-186.
[14]ZHAO H,WANG L M,SHEN T H,et al.Survey on Anonymity Metrics in Communication Network[J].Journal of Software,2021,32(1):218-245.
[15]EVERS B,HOLS J,KULA E,et al.Thirteen years of Tor attacks[EB/OL].https://github.com/Attacks-on-Tor/Attacks-on-Tor/blob/master/Thirteen%20years%20of%20Tor%20Atta-cks.pdf.
[16]YE L,YU X Z,ZHAO J D,et al.Deciding your own anonymity:User-oriented node selection in I2P[J].IEEE Access,2018,6:71350-71359.
[17]YANG M,ZHANG Y T,LUO J Z.Randomized bandwidthweighted node selection algorithm for anonymous communication[J].Journal of Southeast University(Natural Science Edition),2010,40(6):1169-1173.
[18]JOHNSON A,WACEK C,JANSEN R,et al.Users get routed:Traffic correlation on Tor by realistic adversaries[C]//Procee-dings of the 2013 ACM SIGSAC Conference on Computer & Communications Security.2013:337-348
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
地址:重庆市渝北区洪湖西路18号    邮编:401121  
电话:023-63500828(编辑部) 023-67039612(会议/专题) 023-67039623(财务/发票)
E-mail:jsjkx12@163.com
本系统由北京玛格泰克科技发展有限公司设计开发