blocking misbehaving users in anonymizing networks full ppt with screenshots -2nd review !
Download as PPTX, PDF2 likes1,046 views
The document summarizes the Nymble system, which allows website administrators to blacklist misbehaving anonymous users without compromising their anonymity. Nymble uses a pseudonym manager and nymble manager to issue pseudonyms and nymbles (special pseudonyms) tied to user-controlled resources. This allows administrators to blacklist individual users by obtaining a seed to link future nymbles from a blacklisted user, while past nymbles remain unlinkable. The system provides anonymous authentication, backward unlinkability, subjective blacklisting abilities and addresses Sybil attacks to enable practical deployment.
blocking misbehaving users in anonymizing networks full ppt with screenshots -2nd review !
- 1. 2nd review By DINESH RAJA K ARAVINDHAN V
- 2. Anonymzing networks such as Tor allow users to access Internet services privately by using a series of routers to hide the client’s IP address from the server. The success of such networks, however, has been limited by users employing this anonymity for abusive purposes such as defacing popular Web sites. Web site administrators routinely rely on IP- address blocking for disabling access to misbehaving users, but blocking IP addresses is not practical if the abuser routes through an anonymizing network.
- 3. As a result, administrators block all known exit nodes of anonymizing networks, denying anonymous access to misbehaving and behaving users alike. To address this problem, we present Nymble, a system in which servers can “blacklist” misbehaving users, thereby blocking users without compromising their anonymity. Our system is thus agnostic to different servers’ definitions of misbehavior—servers can blacklist users for whatever reason, and the privacy of blacklisted users is maintained. In future work we are processing admin report processing and prevention
- 4. Web site administrators cannot blacklist individual malicious users’ IP addresses, they blacklist the entire anonymizing network. Traceable signatures allow the group manager to release a trapdoor all signatures generated by a particular user to be traced; such an approach does not provide the backward unlink ability In existing process difficult to map more complex notions of misbehavior onto “double spending”
- 5. We present a secure system called Nymble, which provides all the following properties: anonymous authentication, backward unlinkability, subjective blacklisting, fast authentication speeds, rate- limited anonymous connections, revocation auditability (where users can verify whether they have been blacklisted), and also addresses the Sybil attack to make its deployment practical.
- 6. In Nymble, users acquire an ordered collection of nymbles, a special type of pseudonym, to connect toWebsites. Without additional information, these nymbles are computationally hard to link,4 and hence, using the stream of nymbles simulates anonymous access to services. Web sites, however, can blacklist users by obtaining a seed for a particular nymble, allowing them to link future nymbles from the same user—those used before the complaints remain unlinkable.
- 7. Servers can therefore blacklist anonymous users without knowledge of their IP addresses while allowing behaving users to connect anonymously
- 8. 1. Resource-Based Blocking 2. The Pseudonym Manager 3. The Nymble Manager
- 9. To limit the number of identities a user can obtain, the Nymble system binds nymbles to resources that are sufficiently difficult to obtain in great numbers. Blacklisting anonymous users: We provide a means by which servers can blacklist users of an anonymizing network while maintaining their privacy.
- 10. The user must first contact the Pseudonym Manager (PM) and demonstrate control over a resource; for IP- address blocking, the user must connect to the PM directly (i.e., not through a known anonym zing network), We assume the PM has knowledge about Tor routers, for example, and can ensure that users are communicating with it directly. Pseudonyms are deterministically chosen based on the controlled resource, ensuring that the same pseudonym is always issued for the same resource.
- 11. After obtaining a pseudonym from the PM, the user connects to the Nymble Manager (NM) through the anonymizing network, and requests nymbles for access to a particular server (such as Wikipedia). A user’s requests to the NM are therefore pseudonymous, and nymbles are generated using the user’s pseudonym and the server’s identity. These nymbles are thus specific to a particular user-server pair. Nevertheless, as long as the PM and the NM do not collude, the Nymble system cannot identify which user is connecting to what server; the NM knows only the pseudonym-server pair, and the PM knows only the user identity-pseudonym
- 12. The hardware used for the development of the project is: PROCESSOR : PENTIUM III 766 MHz RAM : 128 MD SD RAM MONITOR : 15” COLOR HARD DISK : 20 GB FLOPPY DRIVE : 1.44 MB CDDRIVE : LG 52X KEYBOARD : STANDARD 102 KEYS MOUSE : 3 BUTTONS
- 13. The software used for the development of the project is: OPERATING SYSTEM : Windows XP Professional ENVIRONMENT : Visual Studio .NET 2008 .NET FRAMEWORK : Version 2.0 LANGUAGE : C#.NET WEB SERVER : Internet Information Server 5.0 BACK END : Sql server 2005
- 16. Home:
- 17. User Register:
- 18. Admin Login:
- 19. Admin Home:
- 25. User Login:
- 26. Process:
- 27. Process:
- 28. Webpage: