基于相似性感知的Tor网络路径选择算法  

作　　者：隋嘉祺 扈红超 史鑫[2] 周大成 陈尚煜 SUI Jiaqi;HU Hongchao;SHI Xin;ZHOU Dacheng;CHEN Shangyu(School of Cyber Science and Engineering,Zhengzhou University,Zhengzhou 450001,China;Institute of Information Technology,University of Information Engineering,Zhengzhou 450001,China)

机构地区：[1]郑州大学网络空间安全学院,郑州450001 [2]信息工程大学信息技术研究所,郑州450001

出　　处：《计算机科学》2025年第3期391-399,共9页Computer Science

基　　金：国家自然科学基金区域创新发展联合基金(U22A2001);国家自然科学基金(62072467)。

摘　　要：由于Tor低门槛的搭建条件和开放的参与机制,攻击者可以通过控制大量的恶意Sybil节点对Tor网络发起Sybil攻击,从而对用户隐私造成严重的威胁。目前,针对Sybil攻击的防御方法中,一类通过识别恶意Sybil节点来进行防御,该类方法存在对节点之间相似性分析缺乏准确性、难以识别恶意节点针对性伪装等问题;另一类通过提升Tor路径选择算法的安全性来进行防御,该类方法存在路径选择算法难以同时满足安全性和性能的双重要求、不能抵御多种Sybil攻击等问题。为了弥补现有防御方法自身存在的脆弱性问题,提出将恶意节点识别方法和路径选择算法综合应用。首先,从多个数据源采集中继节点的信息,并对多源数据进行验证、过滤和融合,提升数据层面的安全性;其次,通过基于历史数据的带宽度量优化,一定程度上增大了对带宽长期稳定的可靠节点的选择倾向,增加了攻击者部署恶意Sybil节点的成本;然后,优化中继节点相似性评估方法,提出一种基于聚合相似性得分的最近邻排序算法,提高节点相似性分析的准确性;最后,将优化后的相似性评估方法融入路径选择算法的设计中,提出一种基于相似性感知的路径选择算法。实验结果表明,该算法不仅在抵御多种Sybil攻击时表现出更好的防御效果,而且确保了链路的性能需求得到满足。Due to the low threshold construction conditions and open participation mechanism of Tor,attackers can conduct Sybil assaults on Tor networks by controlling a significant number of malicious Sybil nodes,posing a serious threat to user privacy.One class ofmethod defenses by identifying malicious nodes.This class of security suffers from a lack of accuracy in evaluating node similarities and challenges in recognizing malicious nodes that have targeted concealment.The other class protects by strengthening the security of the Tor path selection algorithm,which has issues such as being unable to withstand repeated Sybil attacks and finding it challenging to satisfy the needs of both performance and security.To make up for the vulnerability problem of the existing defense methods themselves,it is proposed to apply the malicious node identification methods and path selection algorithms comprehensively.First,the information of relay nodes is collected from multiple data sources,and the data from multiple sources are verified,filtered,and fused to improve the security at the data level.Second,the selection tendency of dependable nodes with long-term bandwidth stability is somewhat increased by the optimization of bandwidth measurements based on historical data,increasing the cost of deploying malicious Sybil nodes for attackers.Then,the relay node similarity assessment method is optimized,and a nearest-neighbor sorting algorithm based on aggregated similarity scores is proposed to improve the accuracy of the node similarity analysis.Finally,the optimized similarity assessment method is integrated into the path selection algorithm design,and a path selection algorithm based on similarity perception is proposed.Experimental results show that the algorithm not only shows better defense effect against multiple Sybil attacks,but also ensures that the performance requirements of the link are met.

关 键 词：匿名通信 TOR SYBIL攻击 路径选择算法 

分 类 号：TP393.08[自动化与计算机技术—计算机应用技术]