UMI  
ProQuest® Dissertations & Theses
 
 
Design and implementation of secure trusted overlay networks
by Jacob, Matthias, Ph.D., PRINCETON UNIVERSITY, 2009, 162 pages; 3374802
 

Abstract:

Denial-of-service attacks, malicious routing updates, and online identity theft are clearly on the rise on the Internet, costing the US industry billions of dollars. In reaction, there is a large effort to design new technologies such as Trusted Computing that solve many of these problems efficiently. However, state-of-the-art systems for anonymous communication have various weaknesses against traffic analysis and are often designed for one specific purpose. So far, Trusted Computing has not been considered for improving the efficiency of Internet anonymity and privacy and building a general-purpose architecture to solve the problem.

In this thesis we describe the design and implementation of Secure Trusted Overlay Networks (STONe). STONe is the first system for general-purpose anonymous communication that is entirely based on Trusted Computing. STONe significantly improves anonymous communication on the Internet and makes three main contributions. First, STONe uses Trusted Computing to protect against Byzantine failures in the network stack, providing an overlay network for scalable, efficient, secure routing and end-to-end communication. This prevents many active denial-of-service attacks on an anonymity network and provides a foundation for more robust protection against traffic analysis. Second, STONe is the first system to provide anonymous routing through load-balancing by random routing, a technique previously used for local cluster networks. This turns out to better protect against most existing traffic analysis attacks, namely the Predecessor Attack and the Intersection Attack, which have so far been difficult to counter. Third, at the application level, STONe provides anonymity through trusted anonymous sockets and a trusted name service, an inexpensive trusted certification mechanism with one-way per-session authentication. We implemented and evaluated a prototype of STONe on PlanetLab and show that it significantly outperforms state-of-the-art systems for anonymous communication at the expense of additional Trusted Computing hardware.

 
Advisor: Felten, Edward W.
School: PRINCETON UNIVERSITY
Source: DAI-B 70/09, p. , Mar 2010
Source Type: Ph.D.
Subjects: Computer science
Publication Number: 3374802
     
  Use the link below to access a full citation record of this graduate work:
  http://gateway.proquest.com/openurl%3furl_ver=Z39.88-2004%26res_dat=xri:pqdiss%26rft_val_fmt=info:ofi/fmt:kev:mtx:dissertation%26rft_dat=xri:pqdiss:3374802

 
 
 
