Mirimir transcribed 2.8K bytes: > On 07/24/2014 08:38 PM, Matthew Finkel wrote: > > <SNIP> > > > Another distribution method is currently being written and we will > > write others in the future, but please help us provide another way > > (yes, you, please help us if the current situation is unsatisfactory!). > > The more people we can safely help, the better. > > In wiki:org/projects/projectM/brainstorming[1] I see "Better support for > "Proximax" scheme". But I haven't found anything in trac.torproject.org > that mentions the DNS-based fast flux approach presented in McCoy et al. > (2011)[2]. For example, I see nothing about that in ticket 7520[3]. > > Has the DNS-based fast flux approach been explicitly rejected? > > If so, why? > > As background, McCoy and coworkers explain[2]: > > | As previously stated, each registered user has an individualized > | host name (which take the form of a unique domain name registered > | with DNS). In order to make it difficult to discover and ban > | channels we piggyback on the DNS infrastructure, using a > | technique, commonly employed by botnets and malware distributors, > | called fast flux. As part of this technique Proximax will register > | multiple proxies to the same domain name and uses round-robin DNS > | along with short Time-To-Live (TTL) values to create a constantly > | changing list of proxies for that single domain name. This > | additionally allows Proximax to automatically load balance > | resources by adding and removing proxies based on current > | utilization levels. > > Even so, Proximax is vulnerable to adversaries who register multiple > users, and then block bridge IP addresses that they learn, perhaps at > plausibly gradual rates. Starzer[4] proposes a defense against such > adversaries. In his version, each bridge domain name is assigned to a > group of users. Group reputation increases over time, and > high-reputation groups preferentially get both new bridge IP addresses > and new members. Groups are split whenever one of their bridges is > blocked, and the reputations of both subgroups are reduced. Over time, > an adversary's users become restricted to increasingly smaller groups > with increasingly poor reputations. > > I do see similar ideas in trac.torproject.org, but no cites to Michael > Starzer's masters thesis. Hey, thanks very much for mentioning that paper! I've somehow not seen it before. I'm putting it at the top of my reading list. :) > [1] wiki:org/projects/projectM/brainstorming > <https://trac.torproject.org/projects/tor/wiki/org/projects/projectM/brainstorming> > [2] McCoy et al. (2011) Proximax: A Measurement Based System for > Proxies Dissemination > <http://cseweb.ucsd.edu/~dlmccoy/papers/mccoy2011fc.pdf> > [3] Tor ticket 7520 <https://trac.torproject.org/projects/tor/ticket/7520> > [4] Starzer, M. (2013) Optimizing Tor Bridge Distribution (Masters > Thesis) <http://kau.diva-portal.org/smash/get/diva2:608803/FULLTEXT01.pdf> > -- > tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk Post scriptum: I would really love it if there were more collaboration between academics researching these systems and their maintainers/developers. I'm just going to throw that vague wish out into the void. -- ââ isis agora lovecruft _________________________________________________________ GPG: 4096R/A3ADB67A2CDB8B35 Current Keys: https://blog.patternsinthevoid.net/isis.txt
Attachment:
signature.asc
Description: Digital signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk