Rebound: Decoy routing on asymmetric routes via error messages

@article{Ellard2015ReboundDR,
  title={Rebound: Decoy routing on asymmetric routes via error messages},
  author={Daniel Ellard and Christine E. Jones and Victoria Manfredi and W. Timothy Strayer and Bishal Thapa and Megan Van Welie and Alden W. Jackson},
  journal={2015 IEEE 40th Conference on Local Computer Networks (LCN)},
  year={2015},
  pages={91-99}
}
Decoy routing is a powerful circumvention mechanism intended to provide secure communications that cannot be monitored, detected, or disrupted by a third party who controls the user's network infrastructure. Current decoy routing protocols have weaknesses, however: they either make the unrealistic assumption that routes through the network are symmetric (i.e., the router implementing the decoy routing protocol must see all of the traffic, in both directions, from each connection it modifies… 

MultiFlow: Cross-Connection Decoy Routing using TLS 1.3 Session Resumption
TLDR
This work designs MultiFlow, a new decoy routing protocol that re-uses the TLS protocol's session resumption mechanism to enable the decoy router itself to resume a client's session.
The Waterfall of Liberty: Decoy Routing Circumvention that Resists Routing Attacks
TLDR
This paper designs the first downstream-only decoy routing system, called Waterfall, and shows that a Waterfall implementation with only a single decoy AS is as resistant to routing attacks (against China) as a traditional decoy system (e.g., Telex) with 53 decoy ASes.
Qi points : placing decoy routers in the internet
TLDR
A map of the structure of the Internet is constructed as a graph of such AS-level paths, and a new way to identify key points, those few ASes which appear on a large fraction of paths leading to these popular websites, is presented.
SiegeBreaker: An SDN Based Practical Decoy Routing System
TLDR
A novel DR system, SiegeBreaker (SB), which solves the aforementioned problems using an SDN-based architecture and achieves performance comparable to direct TCP downloads, for both in-lab setups and Internet-based tests involving commercial SDN switches.
The Devil's in The Details: Placing Decoy Routers in the Internet
TLDR
It is demonstrated with real paths that the number of ASes required for a world-wide DR framework is small, and censor nations' attempts to filter traffic along the paths transiting these 30 ASes will not only block their own citizens, but others residing in foreign ASes.
Secure asymmetry and deployability for decoy routing systems
TLDR
A technique for supporting route asymmetry in previously symmetric decoy routing systems is proposed, more secure than previous asymmetric proposals and provides an option for tiered deployment, allowing more cautious ASes to deploy a lightweight, non-blocking relay station that aids in defending against routing-capable adversaries.
Slitheen: Perfectly Imitated Decoy Routing through Traffic Replacement
TLDR
This work proposes Slitheen, a decoy routing system capable of perfectly mimicking the traffic patterns of overt sites, and shows how recent innovations in traffic-shaping technology for ISPs mitigate previous deployability challenges.
Optimal Decoy Routing Through Game Theory
TLDR
This paper investigates the best decoy placement given the best RAD censorship, and considers two business models for the real-world deployment of decoy routers: a central deployment that resembles that of Tor and a distributed deployment where autonomous systems individually decide on decoy deployment based on their economic interests.
Conjure: Summoning Proxies from Unused Address Space
TLDR
Conjure is presented, an improved Refraction Networking approach that overcomes limitations by leveraging unused address space at deploying ISPs and connects to IP addresses where no web server exists, leveraging proxy functionality from the core of the network.
GAME OF DECOYS: Optimal Decoy Routing Through Game Theory
TLDR
This paper performs the first systematic analysis of decoy routing in the presence of the RAD attack, using game theory to model the interactions between decoy router deployers and the censors in various settings, and investigates the best decoy placement given the best RAD censorship.
