Design and analysis of an IP-Layer anonymizing infrastructure

H. T. Kung, Chen Mou Cheng, Koan Sin Tan, S. Bradner

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

7 Scopus citations

Abstract

This paper describes an IP-layer anonymizing infrastructure, called ANON which allows server addresses to be hidden from clients and vice versa. In providing address anonymity, ANON uses a network resident set of IP-layer anonymizing forwarders that can forward IP packets with nested encryption and decryption applied to their source and destination addresses. To prevent adversaries from compromising the anonymity by learning the forwarding path, ANON incorporates a suite of countermeasures, including non-malleable, semantically secure link encryption and link padding. To lower the bandwidth cost of padding traffic, two novel algorithms are suggested: on demand link padding and probabilistic link padding. To prevent inband denial of service (DoS) attacks through the anonymizing infrastructure itself ANON uses rate limiting. Finally, ANON makes use of fault-tolerant transport networks to enhance its resilience against failures and out-band attacks.

Original languageEnglish
Title of host publicationProceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2003
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages62-75
Number of pages14
ISBN (Electronic)0769518974, 9780769518978
DOIs
StatePublished - 2003
Externally publishedYes
EventDARPA Information Survivability Conference and Exposition, DISCEX 2003 - Washington, United States
Duration: 22 04 200324 04 2003

Publication series

NameProceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2003
Volume1

Conference

ConferenceDARPA Information Survivability Conference and Exposition, DISCEX 2003
Country/TerritoryUnited States
CityWashington
Period22/04/0324/04/03

Bibliographical note

Publisher Copyright:
© 2003 IEEE.

Keywords

  • Authentication
  • Bandwidth
  • Computer crime
  • Costs
  • Laboratories
  • Monitoring
  • Probability distribution
  • Protocols
  • Telecommunication traffic
  • Testing

Fingerprint

Dive into the research topics of 'Design and analysis of an IP-Layer anonymizing infrastructure'. Together they form a unique fingerprint.

Cite this