Denial Of Service Attacks And Defense Methods For Tor Darknet

Anonymous communication network Tor is one of the most widely used anonymous systems,which can hide the real addresses of both parties and protect the data transmitted on the network.Tor hidden service is a protocol to protect the identity address of the service party.The guard node is the first hop node of the hidden service link to the Tor network.It is a key node to protect the privacy of the identity address of the hidden server and a key node that affects the performance of the hidden service.Therefore,attacks and defenses against guard nodes and hidden services in the Tor network have become an important issue for the security of the Tor darknet.Due to the large number of nodes in the Tor network and the randomness of network traffic fluctuations,it is difficult to find the guard nodes of the target hidden service in the entire Tor network.After finding the target guard node,using conventional denial-of-service attacks on it usually causes the attacker to consume a lot of attack resources.In response to the above problems,this paper focuses on the threat of Do S attacks to hidden services and guard nodes,and proposes a side-channel attack to discover target guard nodes and a denial of service attack to target hidden services.At the same time,a set of communication protocol levels is formulated The defense scheme of multi-guard nodes.The main work and achievements are as follows:(1)Aiming at the problems that hidden service guard nodes are easy to be found and inefficient in conventional side-channel attacks,a two-step side-channel attack method based on screening and verification is proposed based on the vulnerability of Tor communication protocol.First use special cells to send traffic to the hidden service,discover the candidate set of guard nodes for the given hidden service,then use a short burst traffic congestion attack on the nodes in the candidate set,and access the given hidden service,and then detect the change of access time to get authenticating.By setting different experimental parameters,the effect of side channel attack is analyzed and evaluated.(2)Taking advantage of the characteristics of the current Tor hidden service protocol,a Do S attack method for the hidden service in Tor is proposed.According to the different stages of Tor hidden service release,link establishment and data transmission,the network nodes related to hidden services such as hidden service catalog,introduction node,hidden service guard node and hidden server are explored and analyzed based on bandwidth and memory Do S attacks.The denial-of-service attack methods of bandwidth level and memory level are used to attack the guard nodes of hidden services,and at the same time,experiments are carried out to directly launch POST attacks to hidden services.Based on the experimental results,a theoretical analysis is made on the impact of the hidden directory server and the introduction node attack on the hidden service and the attack cost.(3)Aiming at the threat of Do S attacks to Tor hidden services,a multi-guarded node defense scheme is proposed to alleviate the impact of Do S attacks on hidden services.Further,the defense model based on multi-guard nodes proposes strategies against side-channel attacks and Do S attacks,respectively.In the strategy against side-channel attacks,the defense model based on multi-guard nodes considers the traffic distribution strategy and route allocation strategy,and theoretically analyzes the effect of defending against side-channel attacks.The defense model designed a set of detection and filtering strategies for Do S attacks.Combined with the analysis effect of countermeasures against side-channel attacks and Do S attacks,the superiority of the multi-guard node defense model is reflected..