Representing Network Trust and Using It to Improve Anonymous Communication
This work addresses security vulnerabilities in anonymous communication systems like Tor, offering a modular approach to trust representation, though it appears incremental as it builds on existing Tor infrastructure.
The paper tackles the problem of improving security in Tor against correlation attacks and malicious relays by proposing a system that allows users to capture trust in network elements using probability distributions, with preliminary results showing enhanced security when used by users and services.
Motivated by the effectiveness of correlation attacks against Tor, the censorship arms race, and observations of malicious relays in Tor, we propose that Tor users capture their trust in network elements using probability distributions over the sets of elements observed by network adversaries. We present a modular system that allows users to efficiently and conveniently create such distributions and use them to improve their security. The major components of this system are (i) an ontology of network-element types that represents the main threats to and vulnerabilities of anonymous communication over Tor, (ii) a formal language that allows users to naturally express trust beliefs about network elements, and (iii) a conversion procedure that takes the ontology, public information about the network, and user beliefs written in the trust language and produce a Bayesian Belief Network that represents the probability distribution in a way that is concise and easily sampleable. We also present preliminary experimental results that show the distribution produced by our system can improve security when employed by users; further improvement is seen when the system is employed by both users and services.