Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Mitigating Denial of Service Attacks using Anonymity Networks: Relationship Anonymity-Communication Overhead Trade-off
KTH, School of Electrical Engineering (EES), Communication Networks.
KTH, School of Electrical Engineering (EES), Communication Networks.ORCID iD: 0000-0002-4876-0223
KTH, School of Electrical Engineering (EES), Communication Networks.ORCID iD: 0000-0002-3704-1338
(English)Manuscript (preprint) (Other academic)
Abstract [en]

Denial-of-service attacks are a significant threat to mission critical communication infrastructures, e.g., to industrial control systems. They are relatively easy to perpetrate, as an attacker that has access to communication links or equipment could observe the source and destination addresses for every message, and can identify and discard the messages exchanged between particular communication participants. Mix networks and anonymity networks could render these attacks more difficult by providing anonymous communication via relaying. Nevertheless, relaying introduces overhead and increases the end-to-end message delivery delay, which in practice must often be low. Hence, an important question is how to optimize anonymity for limited overhead and delay. In this paper we address this question by studying two anonymity networks: MCrowds, an extension of Crowds, which provides unbounded communication delay and Minstrels, which provides bounded communication delay. We derive exact and approximate analytical expressions for the relationship anonymity for these systems. Using MCrowds and Minstrels we show that, contrary to intuition, increased overhead does not always improve anonymity. We investigate the impact of the system's parameters on anonymity and on the optimal anonymity network parameters, and the sensitivity of anonymity to the misestimation of the number of attackers.

National Category
Communication Systems Computer Systems
Research subject
Electrical Engineering
Identifiers
URN: urn:nbn:se:kth:diva-145336OAI: oai:DiVA.org:kth-145336DiVA: diva2:717745
Note

QC 201040708

Available from: 2014-05-16 Created: 2014-05-16 Last updated: 2014-07-08Bibliographically approved

Open Access in DiVA

fulltext(571 kB)55 downloads
File information
File name FULLTEXT01.pdfFile size 571 kBChecksum SHA-512
8d46de61fa2434efe7938e6104d11509a6890f02217cecba52c1dcae6e6873fea26786502e67c43503cf88630d71c46ad2b5d41e6b8348d225f922ae738591f1
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Vuković, OgnjenDán, GyörgyKarlsson, Gunnar
By organisation
Communication Networks
Communication SystemsComputer Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 55 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 88 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf