0 Bewertungen0% fanden dieses Dokument nützlich (0 Abstimmungen)
20 Ansichten5 Seiten
TOR (The onion router) is a low latency anonymous communication system for enabling online anonymity. TOR directs Internet traffic through a free, worldwide volunteer
network consisting of more than three thousand relays
to conceal a user's location or usage from anyone conducting network surveillance or traffic analysis. Tor aims to conceal its users' identities and their network activity from surveillance and traffic analysis by separating identification and routing. It is an implementation of onion routing, which encrypts and then randomly bounces communications through a network of relays run by volunteers around the globe. Because the internet address of the sender and the recipient are not both in clear text at any hop along the way, anyone eavesdropping at any point along the communication channel cannot directly identify both ends. Furthermore, to the recipient it appears that the last Tor node (the exit node) is the originator of the communication rather than the sender. Because of this TOR communication system, if an intruder is going to make any unauthenticated changes to system then it is not possible to track him back. In this paper we proposed a solution for this problem by using ‘Cell-Reckoning-Intrusion –Against TOR’. By the no of experiment on TOR we found that the size of IP packets in the Tor network can be very dynamic because a cell is an application concept and the IP layer may repack cells. In this attack, the attacker can embed a secret signal into the variation of cell counter of the target traffic. The embedded signal will be carried along with the target traffic and arrive at the malicious entry onion router. Then, an accomplice of the attacker at the malicious entry onion router will detect the embedded signal based on the received cells and confirm the communication relationship among users. We have implemented this intrusion against Tor, and our experimental data validate is highly effective and efficient.
TOR (The onion router) is a low latency anonymous communication system for enabling online anonymity. TOR directs Internet traffic through a free, worldwide volunteer
network consisting of more than three thousand relays
to conceal a user's location or usage from anyone conducting network surveillance or traffic analysis. Tor aims to conceal its users' identities and their network activity from surveillance and traffic analysis by separating identification and routing. It is an implementation of onion routing, which encrypts and then randomly bounces communications through a network of relays run by volunteers around the globe. Because the internet address of the sender and the recipient are not both in clear text at any hop along the way, anyone eavesdropping at any point along the communication channel cannot directly identify both ends. Furthermore, to the recipient it appears that the last Tor node (the exit node) is the originator of the communication rather than the sender. Because of this TOR communication system, if an intruder is going to make any unauthenticated changes to system then it is not possible to track him back. In this paper we proposed a solution for this problem by using ‘Cell-Reckoning-Intrusion –Against TOR’. By the no of experiment on TOR we found that the size of IP packets in the Tor network can be very dynamic because a cell is an application concept and the IP layer may repack cells. In this attack, the attacker can embed a secret signal into the variation of cell counter of the target traffic. The embedded signal will be carried along with the target traffic and arrive at the malicious entry onion router. Then, an accomplice of the attacker at the malicious entry onion router will detect the embedded signal based on the received cells and confirm the communication relationship among users. We have implemented this intrusion against Tor, and our experimental data validate is highly effective and efficient.
TOR (The onion router) is a low latency anonymous communication system for enabling online anonymity. TOR directs Internet traffic through a free, worldwide volunteer
network consisting of more than three thousand relays
to conceal a user's location or usage from anyone conducting network surveillance or traffic analysis. Tor aims to conceal its users' identities and their network activity from surveillance and traffic analysis by separating identification and routing. It is an implementation of onion routing, which encrypts and then randomly bounces communications through a network of relays run by volunteers around the globe. Because the internet address of the sender and the recipient are not both in clear text at any hop along the way, anyone eavesdropping at any point along the communication channel cannot directly identify both ends. Furthermore, to the recipient it appears that the last Tor node (the exit node) is the originator of the communication rather than the sender. Because of this TOR communication system, if an intruder is going to make any unauthenticated changes to system then it is not possible to track him back. In this paper we proposed a solution for this problem by using ‘Cell-Reckoning-Intrusion –Against TOR’. By the no of experiment on TOR we found that the size of IP packets in the Tor network can be very dynamic because a cell is an application concept and the IP layer may repack cells. In this attack, the attacker can embed a secret signal into the variation of cell counter of the target traffic. The embedded signal will be carried along with the target traffic and arrive at the malicious entry onion router. Then, an accomplice of the attacker at the malicious entry onion router will detect the embedded signal based on the received cells and confirm the communication relationship among users. We have implemented this intrusion against Tor, and our experimental data validate is highly effective and efficient.
A Novel Cell Reckoning Intrusion against TOR Ujjaneni Siva Lalitha 1 , Prof.S.V.Achutha Rao 2
Ujjaneni Siva Lalitha pursuing M.Tech(CSE), Vikas College of Engineering and Technology (VCET), Nunna, Vijayawada, Affliated to JNTU,Kakinada,A.P.,India 2 S.V. Achuta Rao is working as a Professor & Head,Department of CSE at Vikas College of Engineering and Technology (VCET), Nunna, Vijayawada, India.
Abstract:- TOR (The onion router) is a low latency anonymous communication system for enabling online anonymity. TOR directs Internet traffic through a free, worldwide volunteer network consisting of more than three thousand relays
to conceal a user's location or usage from anyone conducting network surveillance or traffic analysis. Tor aims to conceal its users' identities and their network activity from surveillance and traffic analysis by separating identification and routing. It is an implementation of onion routing, which encrypts and then randomly bounces communications through a network of relays run by volunteers around the globe. Because the internet address of the sender and the recipient are not both in clear text at any hop along the way, anyone eavesdropping at any point along the communication channel cannot directly identify both ends. Furthermore, to the recipient it appears that the last Tor node (the exit node) is the originator of the communication rather than the sender. Because of this TOR communication system, if an intruder is going to make any unauthenticated changes to system then it is not possible to track him back. In this paper we proposed a solution for this problem by using Cell-Reckoning-Intrusion Against TOR. By the no of experiment on TOR we found that the size of IP packets in the Tor network can be very dynamic because a cell is an application concept and the IP layer may repack cells. In this attack, the attacker can embed a secret signal into the variation of cell counter of the target traffic. The embedded signal will be carried along with the target traffic and arrive at the malicious entry onion router. Then, an accomplice of the attacker at the malicious entry onion router will detect the embedded signal based on the received cells and confirm the communication relationship among users. We have implemented this intrusion against Tor, and our experimental data validate is highly effective and efficient. Keyword- Anonymous, reckoning, mix networks, intrusion, signal, Tor I-INTRODUCTION Tor abbreviation is The Onion Router; it is free software for enabling online anonymity. Tor directs Internet traffic through a free, worldwide volunteer network consisting of more than three thousand relays to conceal a user's location or usage from anyone conducting traffic analysis. Using Tor makes it more difficult to trace Internet activity, including "visits to Web sites, online posts, instant messages and other communication forms", back to the user and is intended to protect users' personal privacy, freedom, and ability to conduct confidential business by keeping their internet activities from being monitored. Onion routing refers to the layers of the encryption used. The original data, including its destination, are encrypted and re- encrypted multiple times, and sent through a virtual circuit comprising successive, randomly selected Tor relays. Each relay decrypts a "layer" of encryption to reveal only the next relay in the circuit in order to pass the remaining encrypted data on to it. The final relay decrypts the last layer of encryption and sends the original data, without revealing or even knowing its sender, to the destination. This method reduces the chance of the original data being understood in transit and, more notably, conceals the routing of it.
Fig 1: TOR Work Flow As we can see that when a user A want to communicate the User B, the communication can be done directly and if we want to provide security to the application i.e. to hide the details like IP Address of A we need to go for a new type of an router which is Onion Router. International Journal of Computer Trends and Technology (IJCTT) volume 4 Issue 7July 2013 ISSN: 2231-2803 http://www.ijcttjournal.org Page 2393
Onion Router as shown above does two things i.e. encryption and also the decryption of the details. As the communication in distributed architecture happens only through the IP address. So we can hide the IP from being shown to others and it is possible only through the TOR. Working of the TOR TOR stands for The Onion Router and this router helps the user to change his IP and then go for his search over the internet. Just because of TOR the user can break the rules of Cyber world i.e. if the user uses TOR IP address can be spoofed i.e. modified and the IP which will be generated is the one which never exists in reality. TOR internal structure look s like Onion i.e. many roots inside it means that out of many routes the route can be selected and then communication can be processed. User A gives his request to the system which is we can call as middle ware server which has the onion router inbuilt in it and just because of this router the IP will be encrypted and the request will be forwarded to the system which was requested as originally, this server which contains onion router creates a new IP address and that IP if we try to track it we can never track it back because that ID never exists. This TOR gives benefit and disadvantage in equal manner. Its advantage is that the IP address of an defense organization can be saved from being shown to the users which is actually not required, the disadvantage of this router is that if a user uses for his illegal work i.e. crashing any server by changing his IP, and when the cyber crime organization tries to track the details of the user who has done that crime then the details cannot be tracked just because of the onion router which that user has used to modify the IP Address.
Here we are going to discuss about the work done to show the implementation of the TOR attacks. We have simulated two things in the implementation i.e., showing how can we create a onion router and at the same time if somebody uses onion router then track login details and verify the actioon at every step. With this experimental setup we are showing that we can save our data as well as Server by keeping a continuous track on the user part of actions done in that application.
We show the process of onion router creation,
a. Randomized router simulation implementation
We have implemented the above concept which actually helps the user to spoof his IP address i.e., modify the actual IP and generate a random IP and that IP which is generated by this router is almost similar to onion router means which cannot be tracked back by anybody for further process.
The class which is been used here in this process of IP generation is Random and is provided from the utility package. Random class is used to generate a random number from within the limit that we specify for it as an input. The work that we are going to do here in this project is track the actual IP of the user and then depending on their request on using this randomized router a new IP will be generated based on the values of the actual IP.
Here we need to take care is that the simulation will work more efficiently when we run the code for the new IP generaton when the current system is connected in LAN as we want to show an distributed type of an application. Once the system is in LAN the IP will be dynamic i.e., it will no more be an localhost and IP of which will be 127.0.0.1 and this scenario will not support randomized router simulation because we need a non-zero digit for the Random class with which it is going to generate a new number sequence for the user and in this manner four different set of number can be generated and on clubbing those numbers a new IP will be generated and it can also be called as an virtual IP.
Processing cell at onion routers- Fig. 3 illustrates the procedure of processing cells at onion routers.
Fig 2-processing cell at onion router.
International Journal of Computer Trends and Technology (IJCTT) volume 4 Issue 7July 2013 ISSN: 2231-2803 http://www.ijcttjournal.org Page 2394
In the above diagram we can see that how a cell is being processed at different layers for transmitting data from one end to the other.
III. CELL-RECKONING-BASED INTRUSION
Here we are going to show the implementation of this concept and also the implementation of the Randomized router simulation i.e., how are we getting a new IP address.
A. Basic Idea of Cell Reckoning Intrusion- The main idea about this concept is that we are showing how a user tries to change IP address using a router and then when tries to modify or do something on the server then the accessibility will be blocked because of the illegal action being done. Here illegal action refers to the changing of IP and then trying to take data, which is not allowed in this application the protocol is designed in this manner for safer transaction on the servers.
Fig 3-Cell-Reckoning-Based Intrusion
Randomized Router Simulation:
As discussed earlier this process is used to modify the actual IP address to a new IP which is similar to an IP but the thing is when we start tracking it we cannot trace back the original user.
Input to the router : Actual IP other than local host(127.0.0.1) should be given because the user is expected to be from a remote machine and not from the stand alone machine.
Once the IP is given or tracked the router will break it into pieces and then generate a new IP address, and the class used will be Random class
Random class from Utility package,
To generate a random number from between 0 and 10,
Random r=new Random(); int a=r.nextInt(10);
The variable a will have a value in-between 0 and 10, it can also be 0 or it can also be 10 or it can be any value between 0 and 10.
B.Issues and Solutions-with the discussion we know that there are two circuit issues related to the attack. a)Encoding Signals at Exit Onion Router- It is not enough to encode a signal at the entry side to encode the input with 1 bit.
Let S={ }be the signal where n is signal length and Sj=0 or 1 and Time Sequence of signal S arrive to OR be T={T0,T1,.,Tn-1},and average time of calling the read event is Tread and average time for write event is Trite and Delay interval between signal is I and D is the delay in data transmission. The relationship is-
T i+1 =T i + I + D(0i<n-1).
T i + T read + T write T i+1 +T read T I + T write T i + I + D T write I + D b)Decoding Signals at Entry Onion Router-
when a cell has to travel so many nodes over the network its obvious that the signal strength is going to be weaken and which will be a problem for the transmission of the signal over the network for the communication process. We need to take care about the number of nodes in between to complete the communication process should be minimized.
{ } ={1} { , } ={1,0} { , } { , } ={1, (2+1)} ={1 , 3} Type I Type II { , , } ={0,1,0} { , , } ={0,1,0} { } ={(1+3+1)} ={5} { , } ={(1+1),(2+1)}={2,3} Type III Type IV Fig 4-Example of signal division and combination.
International Journal of Computer Trends and Technology (IJCTT) volume 4 Issue 7July 2013 ISSN: 2231-2803 http://www.ijcttjournal.org Page 2395
IV- ANALYSIS
Here we are going to discuss about the accuracy of the system that we have designed for the safer communication purpose. We have the router and also we are showing that how can we stop the cyber online crime in online web applications. So it the minimum requirement to have this type of implementation to avoid the attacks which are being done by the unknown users or intruders or attackers.
A. Detection Rate-
We view that the major factor causing detection error is network dynamics, which leads to combination and division of cell groups. Detection rate is defined as the detection rate for an n-bit original signal-
P D ,n = (P D ) n
Which is a monotonously increasing function with the delay interval as well.
B. False Positive Rate- The false positive rate for recognizing an n-bit signal can be calculated by
P F, n = ( ) n =( ) n
C.Attack Capacity-
The channel model in our system is a discrete and memory less channel (DMC). This attack can be modeled as a binary erasure communication channel.
The capacity in units of bits per second for a DMC is given by-
C t =
V -EXPERIMENTAL EVALUATION
A.Experimental Setup- In our experiment we have shown that when a user tries to use a router which is onion router then the application senses every part of the application and will block the request which is coming from the IP which is modified and being the original one.
This can detect that change because in the application it is written like when a user is logging in a normal way the details like login id and also the IP is tracked and once after the onion router is used and when requests for a file the IP addresses are compared and its obvious that the IP will not match and in this scenario the user request will get blocked by the application and from there on the user cannot perform any task.
B. Experimental Result-
Below graph is giving us the experimental results carried out with different inputs and it shows the way delay gets introduced when the communication links gets increased in the system. So, it is preferred to have a system which should be flexible to the user request and to capture the type of user whether a genuine user or an intruder trying to access the details.
Fig 5- Detection rate versus delay interval
VI- CONCLUSION
We have given a solution for a system like the way it can catch hold an intruder who is trying to damage the server by changing the original IP address. This paper gives a good knowledge on TOR and also the way to avoid the attacks made by the system/user who tries to modify the content on server without the authentication. So it is necessary for every application to track all the details of a particular user from the time started browsing the application till the user moves out from that application. We have done the same process i.e., we have shown a user trying to access the details in a normal way and also shown the process in which trying to access the details after modifying the IP address and in both of these scenarios the second one should not be supported where when a user is trying to access the details from the server after modifying the IP then the user will get blocked and cannot do International Journal of Computer Trends and Technology (IJCTT) volume 4 Issue 7July 2013 ISSN: 2231-2803 http://www.ijcttjournal.org Page 2396
anything. By this we can say that all the applications in real- time can be created in the same manner to avoid the damage of servers.
REFERENCES
N. S. Evans, R. Dingledine, and C. Grothoff, A practical congestion. attack on Tor using long paths, in Proc. 18th USENIX Security Symp., Aug. 1014, 2009 S. J. Murdoch, Hot or not: Revealing hidden services by their clock skew, in Proc. 13th ACM CCS, Nov. 2006 R. Pries, W. Yu, X. Fu, and W. Zhao, A new replay attack against anonymous communication networks, in Proc. IEEE ICC, May 1923, 2008. D. Mccoy, K. Bauer, D. Grunwald, T. Kohno, and D. Sicker, Shining light in dark places: Understanding the Tor network, in Proc. 8thPETS, 2008. S. U. Khaunte and J. O. Limb, Packet-level traffic measurements from a Tier-1 IP backbone, Georgia Institute of Technology, Atlanta, GA, Tech. Rep., 1997.
AUTHORS PROFILE
Ujjaneni Siva lalitha, Pursuing M.Tech(CSE) Vikas College of Engineering and Technology (VCET), Nunna, Vijayawada.Affliated to JNTUK, Kakinada,A.P.,India
Prof S.V.Achutha Rao, is working as a HOD of CSE at Vikas College of Engineering and Technlogy(VCET),Nunna,V ijayawada,Affliated to JNTUK,Kakinada,A.P.,India