International Journal of Advance Research In Science And Engineering http://www.ijarse.com
IJARSE, Vol. No.4, Special Issue (01), March 2015 ISSN-2319-8354(E)
BLOCKING MISBEHAVING USERS IN UNIDENTIFIED NETWORK
K. Dinesh Raja1, V. Aravindhan2, N. Noor Alleema3
1,2 Scholar, 3 Assistant Professor, Department Of Information Technology, SRM University, Chennai (India)
ABSTRACT
The advent of anonymizing networks assured that users could access internet services with complete privacy, avoiding any possible hindrance. This arrangement, in which a series of routers forms a network, hides the user’s IP address from the server. However, the malfeasance of a few malpractitioners has left this system with a loophole: users make use of this anonymity to deface popular websites.
Administrators, who cannot practically block a user by IP address, are forced to shut all possible nodes that lead to the exit, and thus deny access to behaving and non-behaving users altogether. We therefore propose a system that blocks users with no compromise to their anonymity and that is undogmatic with different servers. It aims at giving the administrator the right to block the malicious user without hindering the anonymity of the rest.
Keywords: Anonymizing Networks, Blacklisting, Symmetric Cryptography, Tor, Pseudonym, Nymble Ticket, Subnet-Based Blocking, Rate-Limiting, Non-Frameability, Anonymous Authentication, Backward Unlinkability, Subjective Blacklisting, Rate-Limited Anonymous Connections, Revocation Auditability.
I. INTRODUCTION
We propose a system with the following features: anonymous authentication, backward unlinkability, subjective blacklisting, fast authentication speeds, rate-limited anonymous connections, and revocation auditability (where users can verify whether they have been blacklisted). The system generates nymbles, which are not easy to link to one another; a stream of these nymbles simulates anonymous access. We provide a means by which the website administrator can block a user without knowing his IP address (i.e., through the generated pseudonym, which is a random secret identity held with the pseudonym manager) and without hindering the remaining network. The user also keeps complete privacy, without compromise, as long as he behaves.
II. RELATED WORKS
Anonymous credential systems like Camenisch and Lysyanskaya’s [9, 10] use group signatures for anonymous authentication, wherein individual users are anonymous among a group of registered users. Non-revocable group signatures such as ring signatures provide no accountability and thus do not satisfy our need to protect servers from misbehaving users. Basic group signatures [3, 4, 2, 12] allow revocation of anonymity by no one except the group manager. As only the group manager can revoke a user’s anonymity, servers have no way of linking signatures to previous ones and must query the group manager for every signature; this lack of scalability makes it unsuitable for our goals.
Traceable signatures allow the group manager to release a trapdoor that allows all signatures generated by a particular user to be traced; such an approach does not provide the backward anonymity that we desire, where a user’s accesses before the complaint remain anonymous. Specifically, if the server is interested in blocking only future accesses of bad users, then such a reduction of user anonymity is unnecessarily drastic. Misbehaving users should be blocked from making further connections after a complaint.
In some systems, misbehavior can be defined precisely. For instance, double-spending of an "e-coin" is considered misbehavior in anonymous electronic cash systems. Likewise, compact e-cash, k-times anonymous authentication and periodic n-times anonymous authentication deem a user to be misbehaving if she authenticates "too many" times. In these cases, convincing evidence of misbehavior is easily collected and fair judgment of misbehavior can be ensured. While such approaches can encourage certain kinds of fair behavior in anonymizing networks, it is difficult to map more complex notions of misbehavior onto "double spending" or related approaches. It may be difficult to define precisely what it means to "deface a webpage" and to prove to a trusted party that a particular webpage was defaced. How can the user be sure these "proofs" are accurate and fairly judged? Can we avoid the problem of judging misbehavior entirely? In this paper we answer affirmatively by proposing a system that does not require proof of misbehavior. Websites may complain about users for any reason; our system ensures users are informed of complaints against them, thus "making everybody happy", except, of course, the misbehaving users, who remain anonymous but are denied access.
II. EXISTING MODEL
Verifier-Local Revocation (VLR): To overcome the lack of backward unlinkability, VLR was introduced in 2004 by Dan Boneh and Hovav Shacham. It is an approach to membership revocation in group signatures known as verifier-local revocation. In this approach, only verifiers are involved in the revocation process, while there is no involvement of the signers. Since signers carry no load, this approach is suitable for mobile environments. This stratagem satisfies backward unlinkability to some extent.
Backward unlinkability means that even after a member is revoked, signatures produced by the member before the revocation remain anonymous. Verifier-local revocation requires the server to perform only local updates during revocation. Therefore, there will be a lot of burden on the server.
Advantages of existing system
1) Local updating is possible
2) Backward unlinkability
There are many solutions for the problems and difficulties in anonymous networks, but each method has some limitations and issues. In pseudonym systems, every individual is known to other users by a pseudonym, which is blacklisted if the user misbehaves. But this results in pseudonymity for all users and weakens the anonymity. Also, the users are prevented from sharing their pseudonyms.
A group signature is a method by which a member of a group anonymously signs a message on behalf of the group. Here, the server sends complaints to the Group Manager (GM) if a user misbehaves, an approach that lacks scalability. Traceable signatures trace the signatures signed by a single party without opening the signature and revealing the identities of any other users. This does not provide backward unlinkability, wherein the previously collected signatures remain anonymous even after the signer’s revocation. Since there is no backward
III. PROPOSED MODEL
We present a secure system called Nymble, which provides all the following properties: anonymous authentication, backward unlinkability, subjective blacklisting, fast authentication speeds, rate-limited anonymous connections, and revocation auditability. Without additional information, these nymbles are computationally hard to link, and hence using the stream of nymbles simulates anonymous access to services. Websites, however, can blacklist users by obtaining a seed for a particular nymble, allowing them to link future nymbles from the same user; those used before the complaint remain unlinkable. Servers can therefore blacklist anonymous users without knowledge of their IP addresses while allowing behaving users to connect anonymously. In fact, any number of anonymizing networks can rely on the same Nymble system, blacklisting anonymous users regardless of their anonymizing network(s) of choice.
Blacklisting anonymous users. We provide a means by which servers can blacklist users of an anonymizing network while maintaining their privacy.
Practical performance. Our protocol makes use of inexpensive symmetric cryptographic operations to significantly outperform the alternatives.
Open-source implementation. With the goal of contributing a workable system, we have built an open-source implementation of Nymble, which is publicly available. We provide performance statistics to show that our system is indeed practical.
Advantages
1. Intends to bind the identity of an anonymous user to a pseudonym generated from the user’s IP address. This idea enables a server to complain about misbehavior of a user and blacklist his future tickets.
2. Honest users remain anonymous and their requests remain unlinkable, while future connections of particular users can be blacklisted.
3. All connections of a blacklisted user before the complaint will remain anonymous.
4. A user can check whether he is blacklisted or not at the beginning of a connection.
5. Users are aware of their blacklist status before accessing a service.
6. Servers can blacklist users for whatever reason, and the privacy of blacklisted users is maintained.
4.1 The Nymble Manager
After obtaining a pseudonym from the PM, the user connects to the Nymble Manager (NM) through the anonymizing network and requests nymbles for access to a particular server (such as Wikipedia). A user’s requests to the NM are therefore pseudonymous, and nymbles are generated using the user’s pseudonym and the server’s identity. These nymbles are thus specific to a particular user-server pair. Nevertheless, as long as the PM and the NM do not collude, the Nymble system cannot identify which user is connecting to what server; the NM knows only the pseudonym-server pair, and the PM knows only the user identity-pseudonym pair. Servers have the right to blacklist anonymous users without having to know their IP addresses while allowing behaving users to remain anonymous. The system ensures that users have complete knowledge of their blacklist status, so that they disconnect immediately if they are blacklisted. Although our work applies to anonymizing networks in general, we consider Tor for purposes of exposition. In fact, any number of anonymizing networks can rely on the same Nymble system, blacklisting anonymous users regardless of their anonymizing network(s) of choice.
4.2 Pseudonym Manager
The user must first contact the Pseudonym Manager (PM) and demonstrate control over a resource; for IP-address blocking, the user must connect to the PM directly (i.e., not through a known anonymizing network), ensuring that the same pseudonym is always issued for the same resource.
4.3 Blacklisting A User
Users who make use of anonymizing networks expect their connections to be anonymous. If a server obtains a seed for that user, however, it can link that user’s subsequent connections. It is of utmost importance, then, that users be notified of their blacklist status before they present a nymble ticket to a server. In our system, the user can download the server’s blacklist and verify her status. If blacklisted, the user disconnects immediately.
IP-address blocking employed by Internet services. There are, however, some inherent limitations to using IP addresses as the scarce resource. If a user can obtain multiple addresses she can circumvent both nymble-based and regular IP-address blocking. Subnet-based blocking alleviates this problem, and while it is possible to modify our system to support subnet-based blocking, new privacy challenges emerge; a more thorough description is left for future work.
4.4 Nymble-Authenticated Connection
Blacklistability assures that any honest server can indeed block misbehaving users. Specifically, if an honest server complains about a user that misbehaved in the current linkability window, the complaint will be successful and the user will not be able to "nymble-connect," i.e., establish a Nymble-authenticated connection, to the server successfully in subsequent time periods of that linkability window.
Rate-limiting assures any honest server that no user can successfully nymble-connect to it more than once within any single time period.
Non-frameability guarantees that any honest user who is legitimate according to an honest server can nymble-connect to that server. This prevents an attacker from framing a legitimate honest user, e.g., by getting the user blacklisted for someone else’s misbehavior. This property assumes each user has a single unique identity. When IP addresses are used as the identity, it is possible for a user to "frame" an honest user who later obtains the same IP address. Non-frameability holds true only against attackers with different identities (IP addresses). A user is legitimate according to a server if she has not been blacklisted by the server, and has not exceeded the rate limit of establishing Nymble-connections. Honest servers must be able to differentiate between legitimate and illegitimate users.
Anonymity protects the anonymity of honest users, regardless of their legitimacy according to the (possibly corrupt) server; the server cannot learn any more information beyond whether the user behind (an attempt to make) a nymble-connection is legitimate or illegitimate.
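The following added sketch (not code from this paper or from the Nymble implementation) ties together the seed-and-nymble mechanism of Section III with Sections 4.1 to 4.4: the PM derives a pseudonym from the IP address, the NM derives a seed chain for the pseudonym-server pair, and a server that receives one seed can link only that period's and later nymbles. The one-way functions `f` and `g`, the HMAC-SHA256 derivations, and all names, keys and sample values are assumptions; ticket encryption and authentication are omitted.

```python
import hashlib
import hmac

def prf(key, *parts):
    # HMAC-SHA256 over length-prefixed parts; assumed stand-in for the keyed primitives
    msg = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()

def f(seed):  # seed evolution: one one-way step per time period
    return hashlib.sha256(b"f" + seed).digest()
def g(seed):  # nymble presented to the server in that time period
    return hashlib.sha256(b"g" + seed).digest()

def pm_pseudonym(pm_key, ip, window):
    # PM: same resource (IP address) in the same linkability window -> same pseudonym
    return prf(pm_key, ip.encode(), window.encode())

def nm_seeds(nm_key, pseudonym, server_id, window, periods):
    # NM: seed chain bound to the pseudonym-server pair, one seed per time period
    seed, chain = prf(nm_key, pseudonym, server_id.encode(), window.encode()), []
    for _ in range(periods):
        seed = f(seed)
        chain.append(seed)
    return chain

class Server:
    def __init__(self):
        self.blocked, self.seen = set(), set()

    def blacklist(self, seed, periods_left):  # one seed links all later nymbles
        for _ in range(periods_left):
            self.blocked.add(g(seed))
            seed = f(seed)  # f is one-way, so earlier seeds stay out of reach

    def connect(self, nymble):
        if nymble in self.blocked:
            return "blacklisted"
        if nymble in self.seen:
            return "rate-limited"  # at most one connection per time period
        self.seen.add(nymble)
        return "ok"

def demo():
    # Constructed sample values: keys, IP address, server name and window label
    pseud = pm_pseudonym(b"pm-demo-key", "192.0.2.10", "window-1")
    seeds = nm_seeds(b"nm-demo-key", pseud, "wiki.example", "window-1", 6)
    srv, nymbles = Server(), [g(s) for s in seeds]
    log = [srv.connect(nymbles[0]), srv.connect(nymbles[0]), srv.connect(nymbles[1])]
    srv.blacklist(seeds[3], periods_left=3)  # seed released for period 3 onward
    log += [srv.connect(n) for n in nymbles[3:]]
    return log, any(n in srv.blocked for n in nymbles[:3])
```

The nymbles for periods 0 to 2 never appear in the server's blocked set, which is the backward unlinkability property: only connections from the released seed onward are linkable.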
Fig.1 Pseudonym Manager
Fig.2 Blacklist a User
V. FEATURES
Anonymous Authentication: Anonymous authentication allows any user to access any public content without providing a user name and password challenge to the client browser. If some content should be viewed only by selected users, the appropriate permissions must be configured to prevent anonymous users from accessing that content. To allow only registered users to view selected content, configure an authentication method for that content that requires a user name and password.