Changes between Version 19 and Version 20 of thesis


Ignore:
Timestamp:
Apr 11, 2011 3:03:20 PM (8 years ago)
Author:
zzz
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • thesis

    v19 v20  
    5757      By this you mean, I think, using random peers outside the fast tier for the inbound tunnel's gateway. We could also keep these peers semi-constant, or more stable, by attempting to recreate the same tunnel at expiration, while still changing them on rejection. This could be done either from the fast pool or by using a random peer.
    5858
    59       Benefits / downsides?
     59      Benefits / downsides? What happens if an adversary attacks guard nodes (either in I2P or Tor)?
    6060
     61  Obvious recommendations not mentioned:
     62
     63   1) Increase resistance to low-bandwidth tunnel building DDoS attack:
     64      Changes made in 0.8.4, more coming in 0.8.5, further research needed
    6165
    6266
     
    7175    b) Penalize peers more due to tunnel rejections. This did not change the time constants of the capacity formulas, just changed (a + r) to (a + 2r) in the denominator of the formula in section A.1. However it may have had the effect of reacting faster to a DOS attack. This change was not made in reaction to the attack, but was previously planned and is part of a strategy to spread the traffic across more peers in the network and adjust the forumla in response to network conditions that have changed markedly in the past two years.
    7276
    73   3) More changes to detect and prevent DOS are upcoming in 0.8.5 (scheduled for release the week of April 18) but these are not a complete solution. A fully distributed tunnel-building DDOS is difficult to prevent completely.
     77  3) More changes to detect and prevent DOS are upcoming in 0.8.5 (scheduled for release the week of April 18) but these are not a complete solution. A fully distributed tunnel-building DDsS is difficult to prevent completely.
    7478
    7579 Reacting to performance changes as a "bad idea":