IIIT-Delhi Institutional Repository

Towards practical infrastructure for decoy routing

Show simple item record

dc.contributor.author Chakravarty, Sambuddho
dc.contributor.author Naik, Vinayak
dc.contributor.author Acharya, HB
dc.contributor.author Tanwar, Chaitanya Singh
dc.date.accessioned 2015-01-23T10:15:55Z
dc.date.available 2015-01-23T10:15:55Z
dc.date.issued 2015-01-23T10:15:55Z
dc.identifier.uri https://repository.iiitd.edu.in/jspui/handle/123456789/213
dc.description.abstract Network censorship and surveillance generally involves ISPs working under the orders of repressive regimes, monitoring (and sometimes filtering) users’ traffic, often using powerful networking devices, e.g. routers capable of performing Deep Packet Inspection (DPI). Such routers enables their operators to observe contents of network flows (traversing their routers) having specific byte sequences. Tor, a low-latency anonymity network has also been widely used to circumvent censorship and surveillance. However, recent efforts have shown that all anti-censorship measures employable using Tor, e.g. Bridges (unadvertised relays) or camouflaging Tor traffic as unfiltered protocol messages (e.g. SkypeMorph), are detectable. To bypass this arms race, several recent efforts propose network based anticensorship systems, collectively and colloquially referred to as Decoy Routers. Decoy Routing systems, relying on “friendly” network routers, aid users behind censorious ISPs to covertly access filtered networks. These Decoy Routers, otherwise operating as “normal” network routers, can on-demand double as Decoy Routers, forwarding network traffic of censored users to covert destinations. Such architectures however assume complex functionalities and programmable capabilities in commodity network routers, that currently seem infeasible. However Software Defined Networking (SDN), the emergent network design and management paradigm, involving centralized control over a network of switches, seems well suited for such requirements. In this position paper, we present the overview of a network based anti-censorship system consisting of several centrally co-ordinated switches, operating as Decoy Routers. Deploying centrally controlled switches, that double as Decoy Routers, could potentially have several advantages over existing proposal, that have until now only been prototyped through commodity desktops – efficiency to switch traffic at line speeds, detecting misbehaving switches, cascading multiple Decoy Routers to assume a hybrid posture for both anonymity and censorship resistance, load-balancing, and automatic failover. en_US
dc.language.iso en_US en_US
dc.relation.ispartofseries IIITD-TR-2015-001
dc.subject ISP en_US
dc.subject DPI en_US
dc.subject E2M en_US
dc.title Towards practical infrastructure for decoy routing en_US
dc.type Technical Report en_US

Files in this item

This item appears in the following Collection(s)

Show simple item record

Search Repository

Advanced Search


My Account