| With the rapid development of Internet, computer network has been widely used as a communication tool among government departments, organizations and people. However, when we are enjoying the convenience of Internet, we encountered the threat coming from it at the same time, like the virus. As a consequence, the network security shows out in front of us and demonstrates its importance.In the past, network security focused on confidentiality, integrity, availability, traceability and non-repudiation. These security measures are all concentrated on the content of information while they neglect the importance of protecting the addresses of senders and receivers. The reason lies in the protocols adopted by Internet, such as HTTP, TCP/IP, ICMP and so on, don't consider the anonymity of communication when they were designed. Therefore, the identity and communication relationship of users may be exposed.In order to solve above-mentioned potential security problem, protection for identity of network nodes and participants, researching the anonymous communication technology and its usage in large scale network is becoming more and more important. Security and traffic performance of Anonymous Communication System(ACS) are surveyed. This dissertation makes five contributions as follows.(1) Based on deeply research on rerouting anonymous communication techniques, two types of rerouting mechanisms(source rerouting and next-hop rerouting) are compared and an anonymous communication system based on simple proxy is implemented. This system can provide anonymous access service of Web while it is simple and easy of use.(2) On the basis of surveying and analysis on rerouting techniques, Location-diversity-based Nodes Selecting Algorithm(LNSA) and RTT-based Nodes Selecting Algorithm(RNSA) are presented, modeled and compared. The experimental results indicate that, security of the LNSA is better than the original if adversaries are rather mass, and the increased cost brought by LNSA could be reduced by RNSA.(3) Based on the analysis of traditional anonymous communication framework, a Hierarchical Location-diversity-based Low-delay Anonymous Communication Framework(HLLACF) is proposed, in which zone directory server (ZDS) is introduced. The security of HLLACF is modeled and analyzed. The theoretic analysis and simulation experiment indicate that HLLACF can effectively strengthen the security of ACS. The HLLACF based on LNSA can prevent AS-Level passive attack and other familiar attacks well while commnunicaton delay is decreased, and HLLACF also scales well.(4) Aimed at the inflexibility brought by past ACS without considering traffic cost, an Anonymity-Level selected Hierarchical Anonymous Communication Framework (ALHACF) is presented based on HLLACF, in which the path selected and node selected of ALHACF are determined by the probability. Different anonymity-level is selected by users according to their requirements, so the scope of application is effectively expanded. The anonymity and communication performance of ALHACF are deeply analyzed. The theoretic analysis and simulation experiments indicate that ALHACF keeps good anonymity and increases the communication performance remarkably.(5) Incentive mechanism is introduced in the design of ACS. An Incentive-based Low-delay Anonymous Communication Framework(ILACF) is proposed, the simulation experiment and analysis are introduced. The result shows that ILACF has better anonymity and traffic performance than ALHACF while reserves all security merits of ALHACF.Research findings of this paper provide theoretic basis for resolving malicious nodes and selfish nodes discovery mechanism, and have important theoretic and practical meanings for in-depth reaearching on anonymous communication framework and improving the traffic performance and security of anonymous communication systems.
|
PDF Full Text Request