| With the rapid development of computer network, The internet has become one of the most important tool used to communicate and transmit information, which is accept by more and more people. Therefore, the problem of safe and private has become obvious. It becomes one of essence demand to protect identification of legal user in some applications such as E-Voting, E-Banking, and E-Commerce.Rerouting mechanism is adopted by anonymous communication system to protect identification of user. At present, rerouting mechanism employed by sutra anonymous communication system include source routing and next-hop routing. Nevertheless, source routing is based on a requirement that sender acknowledges the adjacency of participant in system. On the other hand, because the problem of key allocation cannot be effectively solved in next-hop routing, all intermediators in the rerouting path can acquire the transmitted message and address of receipt, which result into frangibility to defend attack. Thus, a new rerouting mechanism is presented in this paper, which is called Neutralization Rerouting. In this rerouting mechanism, when sender constructs path, he iteratively acquire the neighbor of participants and select one of them as intermediator. Theoretical analysis demonstrates that the capbility resisted anonymous attack can overmatch next-hop routing. Moreover the, the sender can control the path length effectively, which limit the communication delay.Predecessor Attack is one of the well-known anonymity attacks and identify collaborator in anonymous communication system is hot topic in anonymous research. In this paper, a strategy based on active path detection mechanism is proposed, which ping the every intermediators of the rerouting path by nested-encryption message. Active collaborators can be located precisely according to the response message after the collaborators destroy the rerouting path multi-times. Thus, the security and reliability of system could be enhanced effectively.To protect private of user in Internet, anonymous communicationsystem provide anonymity for legal user. There is not, however, corresponding mechanism to defend anonymity abuse, which will result in DDoS attack launched by malicious user in the system. In this paper, an Anonymity Abusing Control strategy based on multi-hash encoding is proposed. By collecting enough marked message, victim could reconstruct the attack path and figure out the attack source. Meanwhile, legal user's identity is kept anonymous, since eavesdropper cannot obtain enough marked message needed to trace. Therefore, anonymous communication system can not only provide anonymous protection but also prevent anonymity abuse. In addition, Multi-hash encoding strategy can maintain lower false rate and enhance precision of orientating Attacker. |
PDF Full Text Request