Understanding Network Source Concealment
Tom Daniels - CERIAS
Oct 31, 2001
AbstractBoth conventional and anonymity-oriented networks allow users to create traffic in such a way that determining its source is difficult. Although a significant amount of work has been devoted to developing anonymity-oriented networks, little work has addressed explaining their general mechanisms. In conventional networks, a great deal of work has focused on authentication and to a lesser extent determining the source of attacks and other traffic, but little work addresses greater understanding of the network features that facilitate or allow source concealed traffic.
In this talk, we describe a model of networks that unifies the source concealment features of conventional networks and the anonymity systems that run over them. The model discusses the observable features of network traffic and describes their role in correlating traffic to its source. We also describe the types of network mechanisms used to conceal and obscure these features. We then discuss an entropy-based measure of effectiveness of source concealment systems. The model is then applied to a number of source concealment systems to evaluate the model.
About the SpeakerTom Daniels is a Ph.D. Student in Computer Science at Purdue University. He is currently Gene Spafford's senior student working on issues of network forensics. Tom received his M.S. in Computer Science from Purdue in 1999 and his B.S. in Computer Science from Southwest Missouri State University in 1995. His research interests include network and host security especially intrusion detection.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.