SlideShare a Scribd company logo

NYMBLE BLOCKING

V
Vatsalya Eranky

Nymble is a system that allows servers to blacklist misbehaving anonymous users while preserving their anonymity. It uses a pseudonym manager to issue credentials to users after verifying their identity, allowing servers to locally blacklist pseudonyms. The system provides anonymous authentication, unlinkability between connections, subjective blacklisting by servers, fast authentication speeds, rate limiting of connections, auditable revocation of blacklisted users, and addresses Sybil attacks. It ensures users are aware of any blacklisting before attempting a connection, disconnecting immediately if blacklisted. Nymble could enable wider adoption of anonymous networks by allowing services to block abusive users while respecting user privacy.

1 of 15
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
NYMBLE BLOCKING
 This problem, we present Nymble, a system in which servers can “blacklist” misbehaving users, thereby blocking users without compromising their anonymity. .  Our system is thus agnostic to different servers’ definitions of misbehavior — servers can blacklist users for whatever reason, and the privacy of blacklisted users is maintained
NYMBLE BLOCKING
 Existing users’ credentials must be updated, making it impractical. Verifier-local revocation (VLR) fixes this shortcoming by requiring the server (“verifier”) to perform only local updates during revocation.  Unfortunately, VLR requires heavy computation at the server that is linear in the size of the blacklist.
 We present a secure system called Nymble, which provides all the following properties: anonymous authentication, backward unlink ability, subjective blacklisting, fast authentication speeds, rate-limited anonymous connections, revocation auditability, and also addresses the Sybil attack to make its deployment practical .  Our system ensures that users are aware of their blacklist status before they present a nymble, and disconnect immediately if they are blacklisted.
Nymble Manager Pseudonym Manager Blacklisting a user Nymble-authenticated connection
 Servers can therefore blacklist anonymous users without knowledge of their IP addresses while allowing behaving users to connect anonymously.  Our system ensures that users are aware of their blacklist status before they present a nymble, and disconnect immediately if they are blacklisted.  Although our work applies to anonymizing networks in general, we consider Tor for purposes of exposition.  In fact, any number of anonymizing networks can rely on the same Nymble system, blacklisting anonymous users regardless of their anonymizing network(s) of choice.
 The user must first contact the Pseudonym Manager (PM) and demonstrate control over a resource; for IP- address blocking, the user must connect to the PM directly (i.e., not through a known anonymizing network), ensuring that the same pseudonym is always issued for the same resource.
 Users who make use of anonymizing networks expect their connections to be anonymous.  If a server obtains a seed for that user, however, it can link that user’s subsequent connections.  It is of utmost importance, then,that users be notified of their blacklist status before they present a nymble ticket to a server.  In our system, the user can download the server’s blacklist and verify her status. If blacklisted, the user disconnects immediately.  IP-address blocking employed by Internet services. There are, however, some inherent limitations to using IP addresses as the scarce resource.  If a user can obtain multiple addresses she can circumvent both nymble-based and regular IP-address blocking.
 Blacklistability: Assures that any honest server can indeed block misbehaving users. Specifically, if an honest server complains about a user that misbehaved in the current linkability window, the complaint will be successful and the user will not be able to “nymble- connect,” i.e., establish a Nymble-authenticated connection, to the server successfully in subsequent time periods (following the time of complaint) of that linkability window.
 Assures any honest server that no user can successfully nymble-connect to it more than once within any single time period. Non-frameability guarantees that any honest user who is legitimate according to an honest server can nymble-connect to that server. This prevents an attacker from framing a legitimate honest user, e.g., by getting the user blacklisted for someone else’s misbehavior. This property assumes each user has a single unique identity.  When IP addresses are used as the identity, it is possible for a user to “frame” an honest user who later obtains the same IP address. Non-frameability holds true only against attackers with different identities (IP addresses).  A user is legitimate according to a server if she has not been blacklisted by the server, and has not exceeded the rate limit of establishing Nymble-connections. Honest servers must be able to differentiate between legitimate and illegitimate users.
Hardware Requirements: System : Pentium IV 2.4 GHz. Hard Disk : 40 GB. Floppy Drive : 1.44 Mb. Monitor : 15 VGA Colour. Mouse : Logitech. Ram : 256 Mb.
Software Requirements: Operating system : Windows XP Professional/7 Front End :SOCKET,REMOTE SERVER :SQLSERVER Tool :VS2008
 Serverscan blacklist misbehavingusers while maintainingtheir privacy, and we show how these propertiescan be attainedin a way that is practical, efficient, and sensitiveto needs of both users and services.  We hope that our work will increasethe mainstreamacceptance of anonymzingnetworks such asTor, which has thus far been completely blocked by several services becauseof users who abuse their anonymity.
THANK YOU..!! DONE BY, B.SONIKA(08P71A0587) A.SURENDRANATH REDDY(08P71A05A4) VATSALYA ERANKY(08P71A05B2)

More Related Content

DOCX
Implementation modules
madhukarreddy007
 
PPTX
Sar writingv2
Todd Benson (I.T. SPECIALIST and I.T. SECURITY)
 
PPTX
Apple Inc
Vatsalya Eranky
 
PDF
NYMBLE: Servers Overcrowding Disobedient Users in Anonymizing Networks
rahulmonikasharma
 
PDF
A Novel Method for Blocking Misbehaving Users over Anonymizing Networks
IJMER
 
PDF
Nymble blocking misbehaviouring users in anonymizing networks
Muthu Samy
 
PDF
Nymble blocking misbehaviouring users in anonymizing networks
Muthu Samy
 
PDF
Nymble blocking misbehaviouring users in anonymizing networks
Muthu Samy
 
Implementation modules
madhukarreddy007
 
Sar writingv2
Todd Benson (I.T. SPECIALIST and I.T. SECURITY)
 
Apple Inc
Vatsalya Eranky
 
NYMBLE: Servers Overcrowding Disobedient Users in Anonymizing Networks
rahulmonikasharma
 
A Novel Method for Blocking Misbehaving Users over Anonymizing Networks
IJMER
 
Nymble blocking misbehaviouring users in anonymizing networks
Muthu Samy
 
Nymble blocking misbehaviouring users in anonymizing networks
Muthu Samy
 
Nymble blocking misbehaviouring users in anonymizing networks
Muthu Samy
 

Similar to NYMBLE BLOCKING (20)

PPTX
Blocking Misbehaving Users In Anonymizing Network(1st review)
dinesh krishna
 
PPTX
blocking misbehaving users in anonymizing networks full ppt with screenshots ...
dinesh krishna
 
PDF
S.A.kalaiselvan blocking misbehaving users in anonymizing
kalaiselvanresearch
 
PDF
C0951520
IOSR Journals
 
PDF
Nymble: Blocking Misbehaving Users In Anonymizing Networks
IOSR Journals
 
PPTX
Seminar
kalpana kumari
 
DOC
Nymble:Blocking misbehaving users in annoying networks(Link)
Mysa Vijay
 
PPTX
Blocking misbehaving users in anonymizing network-project ppt*
dinesh krishna
 
PDF
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
ijceronline
 
PDF
If3614251429
IJERA Editor
 
PDF
If3614251429
IJERA Editor
 
DOC
200335827 certificates
homeworkping4
 
PPTX
Nymble: Blocking System
Manzeer Fasaludeen
 
PDF
341 345
Editor IJARCET
 
PDF
341 345
Editor IJARCET
 
PPTX
Network Security
Puneet Abichandani
 
PPTX
Network security and firewalls
Murali Mohan
 
DOCX
Network and web security
Nitesh Saitwal
 
PDF
Ddos attack definitivo
lilith333
 
PDF
Intrusion detection
Programmer
 
Blocking Misbehaving Users In Anonymizing Network(1st review)
dinesh krishna
 
blocking misbehaving users in anonymizing networks full ppt with screenshots ...
dinesh krishna
 
S.A.kalaiselvan blocking misbehaving users in anonymizing
kalaiselvanresearch
 
C0951520
IOSR Journals
 
Nymble: Blocking Misbehaving Users In Anonymizing Networks
IOSR Journals
 
Seminar
kalpana kumari
 
Nymble:Blocking misbehaving users in annoying networks(Link)
Mysa Vijay
 
Blocking misbehaving users in anonymizing network-project ppt*
dinesh krishna
 
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
ijceronline
 
If3614251429
IJERA Editor
 
If3614251429
IJERA Editor
 
200335827 certificates
homeworkping4
 
Nymble: Blocking System
Manzeer Fasaludeen
 
341 345
Editor IJARCET
 
341 345
Editor IJARCET
 
Network Security
Puneet Abichandani
 
Network security and firewalls
Murali Mohan
 
Network and web security
Nitesh Saitwal
 
Ddos attack definitivo
lilith333
 
Intrusion detection
Programmer
 
Ad

NYMBLE BLOCKING

  • 2.  This problem, we present Nymble, a system in which servers can “blacklist” misbehaving users, thereby blocking users without compromising their anonymity. .  Our system is thus agnostic to different servers’ definitions of misbehavior — servers can blacklist users for whatever reason, and the privacy of blacklisted users is maintained
  • 4.  Existing users’ credentials must be updated, making it impractical. Verifier-local revocation (VLR) fixes this shortcoming by requiring the server (“verifier”) to perform only local updates during revocation.  Unfortunately, VLR requires heavy computation at the server that is linear in the size of the blacklist.
  • 5.  We present a secure system called Nymble, which provides all the following properties: anonymous authentication, backward unlink ability, subjective blacklisting, fast authentication speeds, rate-limited anonymous connections, revocation auditability, and also addresses the Sybil attack to make its deployment practical .  Our system ensures that users are aware of their blacklist status before they present a nymble, and disconnect immediately if they are blacklisted.
  • 6. Nymble Manager Pseudonym Manager Blacklisting a user Nymble-authenticated connection
  • 7.  Servers can therefore blacklist anonymous users without knowledge of their IP addresses while allowing behaving users to connect anonymously.  Our system ensures that users are aware of their blacklist status before they present a nymble, and disconnect immediately if they are blacklisted.  Although our work applies to anonymizing networks in general, we consider Tor for purposes of exposition.  In fact, any number of anonymizing networks can rely on the same Nymble system, blacklisting anonymous users regardless of their anonymizing network(s) of choice.
  • 8.  The user must first contact the Pseudonym Manager (PM) and demonstrate control over a resource; for IP- address blocking, the user must connect to the PM directly (i.e., not through a known anonymizing network), ensuring that the same pseudonym is always issued for the same resource.
  • 9.  Users who make use of anonymizing networks expect their connections to be anonymous.  If a server obtains a seed for that user, however, it can link that user’s subsequent connections.  It is of utmost importance, then,that users be notified of their blacklist status before they present a nymble ticket to a server.  In our system, the user can download the server’s blacklist and verify her status. If blacklisted, the user disconnects immediately.  IP-address blocking employed by Internet services. There are, however, some inherent limitations to using IP addresses as the scarce resource.  If a user can obtain multiple addresses she can circumvent both nymble-based and regular IP-address blocking.
  • 10.  Blacklistability: Assures that any honest server can indeed block misbehaving users. Specifically, if an honest server complains about a user that misbehaved in the current linkability window, the complaint will be successful and the user will not be able to “nymble- connect,” i.e., establish a Nymble-authenticated connection, to the server successfully in subsequent time periods (following the time of complaint) of that linkability window.
  • 11.  Assures any honest server that no user can successfully nymble-connect to it more than once within any single time period. Non-frameability guarantees that any honest user who is legitimate according to an honest server can nymble-connect to that server. This prevents an attacker from framing a legitimate honest user, e.g., by getting the user blacklisted for someone else’s misbehavior. This property assumes each user has a single unique identity.  When IP addresses are used as the identity, it is possible for a user to “frame” an honest user who later obtains the same IP address. Non-frameability holds true only against attackers with different identities (IP addresses).  A user is legitimate according to a server if she has not been blacklisted by the server, and has not exceeded the rate limit of establishing Nymble-connections. Honest servers must be able to differentiate between legitimate and illegitimate users.
  • 12. Hardware Requirements: System : Pentium IV 2.4 GHz. Hard Disk : 40 GB. Floppy Drive : 1.44 Mb. Monitor : 15 VGA Colour. Mouse : Logitech. Ram : 256 Mb.
  • 13. Software Requirements: Operating system : Windows XP Professional/7 Front End :SOCKET,REMOTE SERVER :SQLSERVER Tool :VS2008
  • 14.  Serverscan blacklist misbehavingusers while maintainingtheir privacy, and we show how these propertiescan be attainedin a way that is practical, efficient, and sensitiveto needs of both users and services.  We hope that our work will increasethe mainstreamacceptance of anonymzingnetworks such asTor, which has thus far been completely blocked by several services becauseof users who abuse their anonymity.
  • 15. THANK YOU..!! DONE BY, B.SONIKA(08P71A0587) A.SURENDRANATH REDDY(08P71A05A4) VATSALYA ERANKY(08P71A05B2)