Changes between Version 37 and Version 38 of thesis


Ignore:
Timestamp:
Apr 26, 2011 2:23:26 PM (8 years ago)
Author:
zzz
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • thesis

    v37 v38  
    3939< Both, monitor and attack peers run with 64 KB/s. Monitor peers just participate in the network and behave as any other node. (No special behavior to the victim)[[BR]][[BR]]
    4040
     41**> Hmm that's discouraging. Obviously the attack is more powerful if the attack peers don't need to be high-bandwidth. I think what we are seeing is the potential of attacks where the attackers are only "nice" to potential victims, as a way of appearing fast to that victim and getting into their tunnels quicker (even if that's not exactly what you did). In any case, I'm surprised that it didn't take more bandwidth and will have to look into it further. As you know the primary defense against DDos is to increase resource requirements and we have to figure out how to do that.
     42
    4143Table 5.2: The network size is estimated to be about 2500 uniques per day, and about 6000 - 7000 uniques per month (source http://stats.i2p.to/cgi-bin/total_routers_3month.cgi )
    4244
     
    5254< 3-hop requires handling of A-F-A-V-B-C-D case (A=attacker, V=victim, B/C/D=bystanders, F=false-positive), which is easy (looking at traffic volumes not changing) but was not (yet) implemented (hence no data presented); preliminary data shows that the overall signal strength is not significantly disminished. 1-hop and 2-hop data sufficiently strong. Bottom line: If we have time to add the data, it will be added.[[BR]][[BR]]
    5355
     56**> I didnt expect you would have time to run more experiments; but since your victim was not using the default 3-hop tunnels, some explanation of why you chose shorter hops, and a prediction of how the results would change (if at all) with 3-hop tunnels is clearly appropriate.
     57
    5458    "for the duration of the measurement": How long was it? minutes, hours, days? The time-to-deanonymize would be good to include here. It isn't clear if you deanonymize in one tunnel lifetime (10 minutes) or it takes multiple successful placements of the monitor peers over a long time period.
    5559
    5660< 4 hours test data. (Addressed in the paper) Every point is a deanonymization as we described it. Tunnel participation in inbound and outbound tunnel, for 10 minutes.[[BR]][[BR]]
     61
     62**> OK. I didnt see any mention of the actual duration.
    5763
    5864Sec 6 Discussion: