匿名通信系统可用性技术研究
|
摘要
随着Internet在世界范围内的迅猛发展,通过网络实现全社会的信息共享已逐步成为现实,由此带来的信息安全与隐私问题也逐步得到人们的关注。加密技术保护用户信息的机密性,而匿名技术通过一定的方法将通信流中的通信关系加以隐藏,使攻击者无法获知“谁和谁”在通信,它已经成为许多网络应用的基本需求。本论文对如何提高匿名通信系统在网络监管下的可用性问题进行了研究和探讨,主要工作及贡献如下:
·集中式的资源分发模型及其分析:对现有匿名系统对接入节点资源进行集中管理向用户分发的过程进行抽象,提出一个通用的集中式资源分发模型,并对该模型进行了理论计算和实验模拟的量化分析。在非对抗环境下,得出全部资源被枚举到的概率与攻击者枚举次数的关系,分析结果表明,资源分发系统需选取合适的每次请求分发的资源数量,同时资源数量越大,攻击者获取到全部资源的概率越小。在对抗环境下,给出了相应评价资源分发系统服务质量的指标,分别对两种资源更新策略进行了分析,分析结果表明资源可用性检测方法、资源更新速率、攻击者的检测范围是影响资源分发系统服务质量的重要因素。
·基于社会网络的资源分发传播模型及其分析:进一步研究了通过用户及其在现实中信任关系构成的社会网络进行资源分发传播的机制,根据相应资源分发传播的特点,建立了社会网络中的资源分发模型,结合复杂网络中的"small-world"网络模型,采用计算机模拟的方法对该模型进行了分析。在非对抗环境下,攻击者最终会获取到所有资源信息。在对抗环境下,即使不使用资源更新策略,资源分发停止分发传播时,网络中仍会残余少量的可用资源供部分用户使用;在使用资源更新策略的情况下,对抗会达到一个稳定状态。另外我们发现在具有明显小世界特征的网络结构下,资源分发系统在资源传播范围、可用资源比例、资源平均存活时间均达到了较高的效率,具有较强的对抗能力,而攻击者需要选取合适的对抗策略来应对。
·基于Skype覆盖网络的SkyF2F系统:针对现有匿名通信系统接入节点建设面临的一些问题,例如需要大量的投入去建设资源、需要激励机制来吸引更多的志愿者,提出一种能够在Skype覆盖网络中建立通信通道的SkyF2F系统,设计并实现了原型系统,用户可以通过其朋友使用SkyF2F系统建立隐蔽通信通道访问特定的目标服务,该系统能够抵抗多种攻击和提供一定的IP匿名保护,并具有易使用、低投入、低时延的特点。SkyF2F系统应用模式灵活,例如与现有的匿名系统相结合,可作为一种有效的接入节点方案。SkyF2F的思想也适用于现有流行的即时通信工具。
The rapid development of the Internet has made sharing information among all the people within a society a reality. And information security and privacy are gaining increasing attention. Confidentiality of user data is made possible in practice by the techniques of modern cryptography. Anonymity systems seek build an infrastructure running on top of the existing Internet pro-tocols which allows people to communicate with each other without revealing their personal network identities, so the attacker cannot learn who is commu-nicating with whom. Anonymity has been an essential requirement of many network applications. This thesis focuses on the problem of how to improve the availability and reachability of anonymity system under network censor-ship, the main contributions are listed as follows:
·A general model of central resource distribution is proposed by study-ing the design of existing anonymity system and publishing the access-point resources with central-controlled discovery authority. Based on this model, mathematical and experimental analysis of its specialized model with random-choice strategy is given in two scenarios. In the case of non-confrontation, the relationship between the probability of all resources enumerated and the amount of attacker's enumeration. The result shows that the resource distribution service should select the appropriate amount of access points for each user and have a large number of active access points to improve the ability. In the case of confrontation, methods to measure the quality of resource distribution service and analysis of the two distribution strategies are given. Mechanisms for testing whether bridges are available, renewal speed of resources and the number of users attacker monitors and impersonates are important factors to the quality of the ser- vice.
·According to the characteristics of distributing the resources through the social network where links reflects real-world social relationships among users, a resource distribution model is proposed. We analyze this model on the'small-world'network by numerical simulation. In the case of non-confrontation, attacker will discover all resources finally. In the case of confrontation, without renewal of resources, a small amount of avail-able resources still remains for some user on the network when there is no resources distribution between users. With renewal mechanism of re-sources, the confrontation also has a steady state. We find that the small world structure stands out as an efficient architecture for resource distri-bution service in scope of resource dissemination, proportion of available resources and average lifetime. And the attacker should use appropriate strategies to counter.
·Existing anonymity systems are facing the problem that deploying a large number of access points requires significant investment to build resources or necessary incentives to attract more volunteers. We propose a system builds on existing overlay network, called SkyF2F. SkyF2F is a plug-in for Skype client that allows a user to establish a covert communication channel with her friends. We describe the design, a prototype implemen-tation and security analysis of SkyF2F. SkyF2F can successfully circum-vent several sophisticated censoring techniques. In addition, SkyF2F is easy to use, low cost, low latency. SkyF2F is very flexible. For example, it could be used as the access points to existing anonymous communica-tion systems. The idea of SkyF2F can also be adapted to other popular IM overlays.
·集中式的资源分发模型及其分析:对现有匿名系统对接入节点资源进行集中管理向用户分发的过程进行抽象,提出一个通用的集中式资源分发模型,并对该模型进行了理论计算和实验模拟的量化分析。在非对抗环境下,得出全部资源被枚举到的概率与攻击者枚举次数的关系,分析结果表明,资源分发系统需选取合适的每次请求分发的资源数量,同时资源数量越大,攻击者获取到全部资源的概率越小。在对抗环境下,给出了相应评价资源分发系统服务质量的指标,分别对两种资源更新策略进行了分析,分析结果表明资源可用性检测方法、资源更新速率、攻击者的检测范围是影响资源分发系统服务质量的重要因素。
·基于社会网络的资源分发传播模型及其分析:进一步研究了通过用户及其在现实中信任关系构成的社会网络进行资源分发传播的机制,根据相应资源分发传播的特点,建立了社会网络中的资源分发模型,结合复杂网络中的"small-world"网络模型,采用计算机模拟的方法对该模型进行了分析。在非对抗环境下,攻击者最终会获取到所有资源信息。在对抗环境下,即使不使用资源更新策略,资源分发停止分发传播时,网络中仍会残余少量的可用资源供部分用户使用;在使用资源更新策略的情况下,对抗会达到一个稳定状态。另外我们发现在具有明显小世界特征的网络结构下,资源分发系统在资源传播范围、可用资源比例、资源平均存活时间均达到了较高的效率,具有较强的对抗能力,而攻击者需要选取合适的对抗策略来应对。
·基于Skype覆盖网络的SkyF2F系统:针对现有匿名通信系统接入节点建设面临的一些问题,例如需要大量的投入去建设资源、需要激励机制来吸引更多的志愿者,提出一种能够在Skype覆盖网络中建立通信通道的SkyF2F系统,设计并实现了原型系统,用户可以通过其朋友使用SkyF2F系统建立隐蔽通信通道访问特定的目标服务,该系统能够抵抗多种攻击和提供一定的IP匿名保护,并具有易使用、低投入、低时延的特点。SkyF2F系统应用模式灵活,例如与现有的匿名系统相结合,可作为一种有效的接入节点方案。SkyF2F的思想也适用于现有流行的即时通信工具。
The rapid development of the Internet has made sharing information among all the people within a society a reality. And information security and privacy are gaining increasing attention. Confidentiality of user data is made possible in practice by the techniques of modern cryptography. Anonymity systems seek build an infrastructure running on top of the existing Internet pro-tocols which allows people to communicate with each other without revealing their personal network identities, so the attacker cannot learn who is commu-nicating with whom. Anonymity has been an essential requirement of many network applications. This thesis focuses on the problem of how to improve the availability and reachability of anonymity system under network censor-ship, the main contributions are listed as follows:
·A general model of central resource distribution is proposed by study-ing the design of existing anonymity system and publishing the access-point resources with central-controlled discovery authority. Based on this model, mathematical and experimental analysis of its specialized model with random-choice strategy is given in two scenarios. In the case of non-confrontation, the relationship between the probability of all resources enumerated and the amount of attacker's enumeration. The result shows that the resource distribution service should select the appropriate amount of access points for each user and have a large number of active access points to improve the ability. In the case of confrontation, methods to measure the quality of resource distribution service and analysis of the two distribution strategies are given. Mechanisms for testing whether bridges are available, renewal speed of resources and the number of users attacker monitors and impersonates are important factors to the quality of the ser- vice.
·According to the characteristics of distributing the resources through the social network where links reflects real-world social relationships among users, a resource distribution model is proposed. We analyze this model on the'small-world'network by numerical simulation. In the case of non-confrontation, attacker will discover all resources finally. In the case of confrontation, without renewal of resources, a small amount of avail-able resources still remains for some user on the network when there is no resources distribution between users. With renewal mechanism of re-sources, the confrontation also has a steady state. We find that the small world structure stands out as an efficient architecture for resource distri-bution service in scope of resource dissemination, proportion of available resources and average lifetime. And the attacker should use appropriate strategies to counter.
·Existing anonymity systems are facing the problem that deploying a large number of access points requires significant investment to build resources or necessary incentives to attract more volunteers. We propose a system builds on existing overlay network, called SkyF2F. SkyF2F is a plug-in for Skype client that allows a user to establish a covert communication channel with her friends. We describe the design, a prototype implemen-tation and security analysis of SkyF2F. SkyF2F can successfully circum-vent several sophisticated censoring techniques. In addition, SkyF2F is easy to use, low cost, low latency. SkyF2F is very flexible. For example, it could be used as the access points to existing anonymous communica-tion systems. The idea of SkyF2F can also be adapted to other popular IM overlays.
引文
[1]World Internet Usage Statistics News and World Population Stats [EB/OL]. http://www. internetworldstats.com/stats.htm.
[2]Goldberg I. A pseudonymous communications infrastructure for the internet [D]. [S.1.]:University of California at Berkeley,2000.
[3]Clarke R. Introduction to dataveillance and information privacy, and definitions of Terms [EB/OL]. 1999. http://www.rogerclarke.com/DV/Intro.html.
[4]Deibert R. Access denied:The practice and policy of global Internet filtering [M]. MIT Press, 2008.
[5]Martin D. Local anonymity in the Internet [D]. [S.1.]:Boston University,1999.
[6]Kugler D. An analysis of gnunet and the implications for anonymous, censorship-resistant net-works [C]. In Privacy Enhancing Technologies workshop (PET'03), March 2003:161-176.
[7]Kopsell S, Hilling U. How to achieve blocking resistance for existing systems enabling anonymous web surfing [C]. In Proceedings of the Workshop on Privacy in the Electronic Society (WPES 2004), Washington, DC, USA, October 2004:47-58.
[8]Dingledine R, Mathewson N. Design of a blocking-resistant anonymity system.2007. http:// www.torproject.org/svn/trunk/doc/design-paper/blocking.pdf.
[9]Sovran Y, Li J, Submaranian L. Unblocking the Internet:Social networks foil censors [R].2009.
[10]Feamster N, Balazinska M, Wang W, et al. Thwarting web censorship with untrusted messenger discovery [C]//Dingledine R. In Proceedings of Privacy Enhancing Technologies workshop (PET 2003), March 2003:125-140.
[11]Watts D J, Strogatz S H. Collective dynamics of'small-world' networks [J]. Nature,1998,393 (6684):440-442.
[12]Skype [EB/OL]. http://www.skype.com.
[13]Chaum D L. Untraceable electronic mail, return addresses, and digital pseudonyms [J]. Communi-cations of the ACM,1981,24 (2):84-90.
[14]Pfitzmann A, Kohntopp M. Anonymity, unobservability, and pseudonymity-a proposal for termi-nology [C]. In Workshop on Design Issues in Anonymity and Unobservability,2000:10-29.
[15]Flinn B, Maurer H. Levels of anonymity [J]. Journal of Universal Computer Science,1995,1 (1): 35-47.
[16]Reiter M K, Rubin A D. Crowds:Anonymity for web transactions [J]. ACM Transactions on Information and System Security (TISSEC),1998,1 (1):66-92.
[17]Berthold O, Pfitzmann A, Standtke R. The disadvantages of free MIX routes and how to overcome them [C]. In Proceedings of Designing Privacy Enhancing Technologies:Workshop on Design Issues in Anonymity and Unobservability,2000:30-45.
[18]Shields C, Levine B N. A protocol for anonymous communication over the Internet [C]. In Pro-ceedings of the 7th ACM conference on Computer and communications security, Athens, Greece, 2000:33-42.
[19]Diaz C, Seys S, Claessens J, et al. Towards measuring anonymity [C]. In Proceedings of Privacy Enhancing Technologies workshop (PET'02), April 2002:54-68.
[20]Serjantov A, Danezis G. Towards an information theoretic metric for anonymity [C]. In Proceed-ings of Privacy Enhancing Technologies workshop (PET'02),2002:41-53.
[21]Guan Y, Fu X, Bettati R, et al. An optimal strategy for anonymous communication protocols [C]. In Proceedings of the 22nd International Conference on Distributed Computing Systems (ICDCS'02), Vienna, Austria,2002:257-266.
[22]Zhu Y, Bettati R. Anonymity vs. information leakage in anonymity systems [C]. In Proceedings of the 25th IEEE International Conference on Distributed Computing Systems (ICDCS'05), Wash-ington DC, USA,2005:514-524.
[23]ClauB S, Schiffner S. Structuring anonymity metrics [C]. In Proceedings of the Second ACM work-shop on Digital identity management(DIM'06), Alexandria, Virginia, USA,2006:55-62.
[24]Deng Y, Pang J, Wu P. Measuring anonymity with relative entropy [C]. In Proceedings of the 4th International Workshop on Formal Aspects in Security and Trust,2006:65-79.
[25]Gabber E, Gibbons P, Matias Y, et al. How to make personalized web browsing simple, secure, and anonymous [C]. In Proceedings of Financial Cryptography 97,1997:17-31.
[26]Diaz C, Serjantov A. Generalising mixes [C]. In Proceedings of Privacy Enhancing Technologies workshop (PET'03), mar 2003:18-31.
[27]时金桥Internet上匿名通信技术的研究[D].[S.1.]:哈尔滨工业大学,2007.
[28]Park C, Itoh K, Kurosawa K. Efficient anonymous channel and all/nothing election scheme [C]. In Proceedings of Advances in Cryptology-EUROCRYPT'93,1993:248-259.
[29]Golle P, Jakobsson M, Juels A, et al. Universal re-encryption for mixnets [C]. In Proceedings of RSA-Conference, Cryptographers' Track,2004:163-178.
[30]Gomulkiewicz M, Klonowski M, Kutylowski M. Onions based on universal re-encryption-anonymous communication immune against repetitive attack [C]. In International Workshop on Information Security Applications (WISA04),2004:400-410.
[31]Klonowski M, Kutylowski M, Zagorski F. Anonymous communication with on-line and off-line onion encoding [C]. In SOFSEM 2005:Theory and Practice of Computer Science,2005:229-238.
[32]Danezis G. Breaking four mix-related schemes based on universal re-encryption [C]. In Proceed-ings of Information Security Conference 2006 (ISC 2006), September 2006:46-59.
[33]Kilian J, Sako K. Receipt-free MIX-type voting scheme—a practical solution to the implementation of a voting booth [C]. In Proceedings of Advances in Cryptology (Eurocrypt'95), May 1995:393-403.
[34]Michels M, Horster P. Some remarks on a receipt-free and universally verifiable mix-type voting scheme [C]. In Proceedings of Advances in Cryptology (Asiacrypt'96), November 1996:125-132.
[35]Ogata W, Kurosawa K, Sako K, et al. Fault tolerant anonymous channel [C]. In Proceedings of International Conference on Information and Communication Security (ICICS'97),1997:440-444.
[36]Abe M. Universally verifiable mix-net with verification work independent of the number of mix-servers [C]. In Proceedings Advances in Cryptology (Eurocrypt'98), June 1998:437-447.
[37]Jakobsson M. A practical mix [C]. In Proceedings of Advances in Cryptology-Eurocrypt'98, June 1998:448-461.
[38]Desmedt Y, Kurosawa K. How to break a practical mix and design a new one [C]. In Proceedings of Advances in Cryptology (Eurocrypt'00), May 2000:557-572.
[39]Jakobsson M. Flash mixing [C]. In Proceedings of the eighteenth annual ACM symposium on Principles of distributed computing,1999:83-89.
[40]Mitomo M, Kurosawa K. Attack for flash MIX [C]. In Proceedings of Advances in Cryptology (Asiacrypt'00), December 2000:192-204.
[41]Furukawa J, Sako K. An efficient scheme for proving a shuffle [C]. In Advances in Cryptology— CRYPTO 2001,2001:368-387.
[42]Neff C A. A verifiable secret shuffle and its application to e-voting [C]. In Proceedings of ACM Conference on Computer and Communications Security (CCS'01),2001:116-125.
[43]Golle P, Zhong S, Boneh D, et al. Optimistic mixing for exit-polls [C]. In Proceedings of Advances in Cryptology (Asiacrypt'02), December 2002:593-602.
[44]陈晓峰,王育民.基于匿名通讯信道的安全电子投票方案[J].电子学报,2003,31(003):390-393.
[45]高虎明,王继林,王育民.一个基于Mix net的电子投票方案[J].电子学报,2004,32(006):1047-1049.
[46]李彦江,马传贵,黄刘生.一种电子投票方案[J].软件学报,2005,16(10):1805-1810.
[47]Chaum D. The dining cryptographers problem:Unconditional sender and recipient untraceability [J]. Journal of Cryptology,1988,1 (1):65-75.
[48]Waidner M. Unconditional sender and recipient untraceability in spite of active attacks [C]. In Proceedings of Eurocrypt'89,1989:302-319.
[49]Sirer E G, Polte M, Robson M. Cliquenet:A self-organizing, scalable, peer-to-peer anonymous communication substrate [EB/OL].2001. http://www.cs.cornell.edu/People/egs/ cliquenet/papers.html.
[50]Goel S, Robson M, Polte M, et al. Herbivore:A scalable and efficient protocol for anonymous communication [R].2003.
[51]Ahn L V, Bortz A, Hopper N J. k-Anonymous message transmission [C]. In the I Oth ACM confer-ence on Computer and communications security,2003:122-130.
[52]Sherwood R, Bhattacharjee B, Srinivasan A. P 5:A protocol for scalable anonymous communica-tion [J]. Journal of Computer Security,2005,13. (6):839-876.
[53]Dolev S, Ostrobsky R. Xor-trees for efficient anonymous multicast and reception [C]. In ACM Transactions on Information and System Security (TISSEC),2000:63-84.
[54]Shields C. Secure hierarchical multicast routing and multicast internet anonymity [D]. [S.1.]:Uni-versity of California Santa Cruz,1998.
[55]王伟平,陈建二,王建新,et al.基于组群的有限路长匿名通信协议[JJ.计算机研究与发展,2003,40(004):609-614.
[56]王伟平,陈建二,陈松乔,et al.匿名通信中短距离优先分组重路由方法的研究[J].软件学报,2004,15(4):561-570.
[57]眭鸿飞,陈建二,陈松乔,et al.重路由匿名通信系统中基于秘密共享的重路由算法[J].计算机研究与发展,2005,42(010):1660-1666.
[58]眭鸿飞,陈松乔,陈建二,et a1.基于重路由匿名通信系统的负载分析[J].软件学报,2004,15(002):278-285.
[59]Dai W. Pipenet 1.1 [EB/OL].1996. Http://www.eskimo.com/-weidai/pipenet.txt.
[60]Beimel A, Dolev S. Buses for anonymous message delivery [J]. Journal of Cryptology,2008,16 (1):25-39.
[61]Al-Muhtadi J, Campbell R, Kapadia A, et al. Routing through the mist:Privacy preserving com-munication in ubiquitous computing environments [C]. In International Conference of Distributed Computing Systems (ICDCS'02),2002:74-83.
[62]Overlier L, Syverson P. Locating hidden servers [C]. In 2006 IEEE Symposium on Security and Privacy, California, USA, May 2006:15.
[63]Dingledine R, Mathewson N, Syverson P. Tor:The second-generation onion router [C]. In Pro-ceedings of the 13th USENIX Security Symposium, San Diego, USA, August 2004:303—320.
[64]Parekh S. Prospects for remailers-where is anonymity heading on the internet.1996. http:// www.firstmonday.dk/issues/issue2/remailers/index.html.
[65]Moller U, Cottrell L, Palfrader P, et al. Mixmaster protocol-version 2. jul 2003.
[66]Danezis G, Dingledine R, Mathewson N. Mixminion:Design of a type Ⅲ anonymous remailer protocol [C]. In the 2003 IEEE Symposium on Security and Privacy, May 2003.
[67]Gulcu C, Tsudik G. Mixing E-mail with Babel [C]. In Network and Distributed System Security, 1996., Proceedings of the Symposium on, February 1996:2-16.
[68]Goldschlag D, Reed M, Syverson P. Hiding routing information [C]. In Information Hiding,1996: 137-150.
[69]赵福祥,王育民.可靠洋葱路由方案的设计与实现[J].计算机学报,2001,24(005):463-467.
[70]吴振强,杨波.追踪洋葱包的高级标记方案与实现[J].通信学报,2002,23(005):96-102.
[71]吴振强,杨波.基于葱头路由技术和MPLS的隐匿通信模型[J].西安电子科技大学学报(自然科学版),2002,29(004):513-517.
[72]Berthold O, Federrath H, Kopsell S. Web MIXes:A system for anonymous and unobservable Internet access [C]. In International Workshop on Designing Privacy Enhancing Technologies: Design Issues in Anonymity and Unobservability, Berkeley,2000:115-129.
[73]Boucher P, Shostack A, Goldberg I. Freedom system 2.0 architecture [EB].2000. http://www. freedom.net/info/whitepapers/.
[74]Back A, Goldberg I, Shostack A. Freedom 2.1 security issues and analysis [EB].2001. http:// www.freedom.net/info/whitepapers/Freedom_Security2-1.pdf.
[75]Rennhard M, Plattner B. Introducing MorphMix:peer-to-peer based anonymous Internet usage with collusion detection [C]. In the 2002 ACM workshop on Privacy in the Electronic Society, November 2002:102.
[76]Freedman M J, Morris R. Tarzan:A peer-to-peer anonymizing network layer [C]. In Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS 2002), Washington, DC, November 2002.
[77]Lu T, Fang B, Sun Y, et al. Wongoo:A peer-to-peer protocol for anonymous communication [C]. In the 2004 International Conference on Parallel and Distributed Processing Techniques and Applications (PDPTA'04), Las Vegas, Nevada, USA, June 2004:1102-1106.
[78]Anderson R. The eternity service [C]. In Pragocrypt'96,1996.
[79]Waldman M, Rubin A D, Cranor L F. Publius:A robust, tamper-evident, censorship-resistant web publishing system [C]. In the 9th USENIX Security Symposium, August 2000:59-72.
[80]Shamir A. How to share a secret[J]. Communications of the ACM,1979,22 (11):612-613.
[81]Goldberg I, Wagner D. TAZ servers and the rewebber network enabling anonymous publishing on the world wide web [J]. First Monday,1998,4 (3).
[82]Dingledine R, Freedman M, Molnar D. The free haven project:Distributed anonymous storage service [C]. In International Workshop on Designing Privacy Enhancing Technologies:Design Issues in Anonymity and Unobservability,2000:67-95.
[83]Bennett K, Grothoff C. GAP-practical anonymous networking [C]. In Privacy Enhancing Tech-nologies workshop (PET'03), March 2003:141-160.
[84]Waldman M, Mazieres D. Tangler:a censorship-resistant publishing system based on document entanglements [C]. In Proceedings of the 8th ACM Conference on Computer and Communications Security (CCS'01), November 2001:126-135.
[85]Clarke I, Sandberg O, Wiley B, et al. Freenet:A distributed anonymous information storage and retrieval system [C]. In Proceedings of Designing Privacy Enhancing Technologies:Workshop on Design Issues in Anonymity and Unobservability, July 2000:46-66.
[86]Dolev D, Yao A. On the security of public key protocols [J]. IEEE Transactions on information theory,1983,29(2):198-208.
[87]Raymond J F. Traffic analysis:Protocols, attacks, design issues, and open problems [C]. In Pro-ceedings of International Workshop on Designing Privacy Enhancing Technologies:Design Issues in Anonymity and Unobservability, July 2000:10-29.
[88]Serjantov A, Murdoch S. Message splitting against the partial adversary [C]. In Proceedings of Privacy Enhancing Technologies workshop (PET 2005),2005:26-39.
[89]Wright M, Adler M, Levine B N, et al. Defending anonymous communications against passive logging attacks [C]. In Proceedings of the 2003 IEEE Symposium on Security and Privacy, Wash-ington, DC, USA,2003:28-42.
[90]Kedogan D, Agrawal D, Penz S. Limits of anonymity in open environments [C]. In n Proceedings of Information Hiding workshop (IH'02), October 2002:53-69.
[91]Agrawal D, Kesdogan D, Penz S. Probabilistic treatment of mixes to hamper traffic analysis [C]. In Proceedings of the 2003 IEEE Symposium on Security and Privacy,2003:16-27.
[92]Mathewson N, Dingledine R. Practical traffic analysis:Extending and resisting statistical disclo-sure [C]. In Proceedings of Privacy Enhancing Technologies workshop (PET'04), May 2004:17-34.
[93]Kesdogan D, Pimenidis L. The hitting set attack on anonymity protocols [C]. In Proceedings of 6th Information Hiding Workshop, Toronto,2004:326-339.
[94]Pfitzmann B, Pfitzmann A. How to break the direct RSA-implementation of MIXes [C]. In Pro-ceedings of Advances in Cryptology—EUROCRYPT'89,1989:373-381.
[95]Pfitzmann B. Breaking an efficient anonymous channel [C]. In Proceedings of Advances in Cryp-tology—EUROCRYPT'94, May 1994:332-340.
[96]Danezis G, Laurie B. Minx:A simple and efficient anonymous packet format [C]. In Proceedings of the 2004 ACM workshop on Privacy in the electronic society, New York, NY, USA,2004: 59-65.
[97]Levine B N, Reiter M K, Wang C, et al. Timing attacks in low-latency mix systems [C]. In Pro-ceedings of Financial Cryptography (FC'04), February 2004:251-265.
[98]Felten E W, Schneider M A. Timing attacks on web privacy [C]. In Proceedings of the 7th ACM conference on Computer and communications security, New York, NY, USA,2000:25-32.
[99]Danezis G, Sassaman L. Heartbeat traffic to counter (n-1) attacks:red-green-black mixes [C]. In Proceedings of the Workshop on Privacy in the Electronic Society (WPES2003), Washington, DC, USA,2003:93.
[100]Kesdogan D, Egner J, Buschkes R. Stop-and-go-MIXes providing probabilistic anonymity in an open system [C]. In Proceedings of Information Hiding workshop, April 1998:83-98.
[101]Shi J Q, Fang B X, Shao L J. Regroup-And-Go mixes to counter the (n-1) attack [J]. Internet Research, Special Issue on Privacy and Anonymity in the Digital Era:Theory, Technologies and Practice,2006,16(2):213-223.
[102]Wright M, Adler M, Levine B N, et al. An analysis of the degradation of anonymous protocols [C]. In Proceedings of Network and Distributed Security Symposium (NDSS'02), February 2002.
[103]Douceur J R. The sybil attack [C]. In Peer-To-Peer Systems:First International Workshop(IPTPS 2002), Cambridge, Ma, USA, March 2002:251-260.
[104]Rogers M. Censorship-resistant communication over public networks [J]. UCL Research Note, 2006,6(04):1.
[105]Clayton R, Murdoch S J, Watson R N M. Ignoring the Great Firewall of China [C]//Danezis G, Golle P. In Proceedings of the Sixth Workshop on Privacy Enhancing Technologies (PET 2006), Cambridge, UK, June 2006:20-35.
[106]Panchenko A, Pimenidis L. Using trust to resist censorship in the presence of collusion [C]. In Proceedings of the 22th IFIP TC-11 International Information Security Conference (IFIP SEC 2007), Sandton, South Africa, May 2007:409-420.
[107]Ptacek T H, Newsham T N. Insertion, evasion, and denial of service:Eluding network intrusion detection [R].1998.
[108]Perng G, Reiter M K, Wang C. Censorship resistance revisited [C]. In Proceedings of Information Hiding Workshop (IH 2005), June 2005:62-76.
[109]Danezis G, Anderson R. The Economics of Censorship Resistance [C]. In Proceedings of Work-shop on Economics and Information Security (WEIS04), May 2004.
[110]Feamster N, Balazinska M, Harfst G, et al. Infranet:Circumventing web censorship and surveil-lance [C]. In Proceedings of the 1 lth USENIX Security Symposium, August 2002.
[111]陆传赉.排队论[M].北京邮电学院出版社,1994.
[112]陆大絟.随机过程及其应用[M].清华大学出版社,1986.
[113]Garriss S, Kaminsky M, Freedman M J, et al. RE:reliable email [C]. In Proceedings of the 3rd Symposium on Networked Systems Design and Implementation (NSDI'06), San Jose, CA, May 2006:297-310.
[114]Yu H, Kaminsky M, Gibbons P B, et al. Sybilguard:defending against sybil attacks via social networks [C]. In Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications,2006:278.
[115]Albert R, Barabasi A-L. Statistical mechanics of complex networks [J]. Reviews of modern physics,2002,74 (1):47-97.
[116]Erdos P, ARenyi. On random graphs [J]. Publications Mathematical,1959,6:290-297.
[117]Barabasi A-L, Albert R. Emergence of scaling in random networks [J]. Science,1999,286: 509-512.
[118]Milgram S. The small world problem [J]. Psychology Today,1967,2 (60).
[119]Newman M E J. Spread of epidemic disease on networks [J]. Physical Review E,2002,66 (1): 16128.
[120]周涛,傅忠谦,牛永伟,et a1.复杂网络上传播动力学研究综述[J].自然科学进展,2005,15(005):513-518.
[121]Anderson R M, May R M. Infectious diseases of humans [M]. Oxford University Press,1991.
[122]Newman M E J, Watts D J. Scaling and percolation in the small-world network model [J]. Physical Review E,1999,60 (6):7332-7342.
[123]Moore C, Newman M E J. Epidemics and percolation in small-world networks [J]. Physical Review E,2000,61 (5):5678-5682.
[124]Pastor-Satorras R, Vespignani A. Epidemic spreading in scale-free networks [J]. Physical review letters,2001,86 (14):3200-3203.
[125]Baset S A, Schulzrinne H. An analysis of the skype peer-to-peer internet telephony protocol [C]. In Proc.25th IEEE International Conference on Computer Communications (INFOCOM 2006), Barcelona, Spain, Apr 2006:1-11.
[126]Biondi P, Desclaux F. Silver needle in the Skype [C]. In BlackHat Europe'06, Amster-dam,Netherlands, Mar 2006.
[127]Garfinkel S L. VoIP and Skype security [J]. Skype Security Overview-Rev,2005:1-5.
[128]Liang J, Kumar R, Ross K W. The KaZaA overlay:A measurement study [J]. Computer Networks Journal (Elsevier),2005,49 (6).
[129]Skype API reference. https://developer.skype.com/Docs/ApiDoc.
[130]Reed M, Syverson P, Goldschlag D. Anonymous connections and onion routing [J]. IEEE Journal on Selected areas in Communications,1998,16 (4):482-494.
[131]Diffie W, Hellman M. New directions in cryptography [J]. IEEE Transactions on information The-ory,1976,22 (6):644-654.
[132]Bonfiglio D, Mellia M, Meo M, et al. Detailed analysis of skype traffic [J]. IEEE Transactions on Multimedia,2009,11 (1):117-127.
[133]Martin D, Schulman A. Deanonymizing users of the safeweb anonymizing service [C]. In Proc. 11th USENIX Security Symposium, August 2002.
[2]Goldberg I. A pseudonymous communications infrastructure for the internet [D]. [S.1.]:University of California at Berkeley,2000.
[3]Clarke R. Introduction to dataveillance and information privacy, and definitions of Terms [EB/OL]. 1999. http://www.rogerclarke.com/DV/Intro.html.
[4]Deibert R. Access denied:The practice and policy of global Internet filtering [M]. MIT Press, 2008.
[5]Martin D. Local anonymity in the Internet [D]. [S.1.]:Boston University,1999.
[6]Kugler D. An analysis of gnunet and the implications for anonymous, censorship-resistant net-works [C]. In Privacy Enhancing Technologies workshop (PET'03), March 2003:161-176.
[7]Kopsell S, Hilling U. How to achieve blocking resistance for existing systems enabling anonymous web surfing [C]. In Proceedings of the Workshop on Privacy in the Electronic Society (WPES 2004), Washington, DC, USA, October 2004:47-58.
[8]Dingledine R, Mathewson N. Design of a blocking-resistant anonymity system.2007. http:// www.torproject.org/svn/trunk/doc/design-paper/blocking.pdf.
[9]Sovran Y, Li J, Submaranian L. Unblocking the Internet:Social networks foil censors [R].2009.
[10]Feamster N, Balazinska M, Wang W, et al. Thwarting web censorship with untrusted messenger discovery [C]//Dingledine R. In Proceedings of Privacy Enhancing Technologies workshop (PET 2003), March 2003:125-140.
[11]Watts D J, Strogatz S H. Collective dynamics of'small-world' networks [J]. Nature,1998,393 (6684):440-442.
[12]Skype [EB/OL]. http://www.skype.com.
[13]Chaum D L. Untraceable electronic mail, return addresses, and digital pseudonyms [J]. Communi-cations of the ACM,1981,24 (2):84-90.
[14]Pfitzmann A, Kohntopp M. Anonymity, unobservability, and pseudonymity-a proposal for termi-nology [C]. In Workshop on Design Issues in Anonymity and Unobservability,2000:10-29.
[15]Flinn B, Maurer H. Levels of anonymity [J]. Journal of Universal Computer Science,1995,1 (1): 35-47.
[16]Reiter M K, Rubin A D. Crowds:Anonymity for web transactions [J]. ACM Transactions on Information and System Security (TISSEC),1998,1 (1):66-92.
[17]Berthold O, Pfitzmann A, Standtke R. The disadvantages of free MIX routes and how to overcome them [C]. In Proceedings of Designing Privacy Enhancing Technologies:Workshop on Design Issues in Anonymity and Unobservability,2000:30-45.
[18]Shields C, Levine B N. A protocol for anonymous communication over the Internet [C]. In Pro-ceedings of the 7th ACM conference on Computer and communications security, Athens, Greece, 2000:33-42.
[19]Diaz C, Seys S, Claessens J, et al. Towards measuring anonymity [C]. In Proceedings of Privacy Enhancing Technologies workshop (PET'02), April 2002:54-68.
[20]Serjantov A, Danezis G. Towards an information theoretic metric for anonymity [C]. In Proceed-ings of Privacy Enhancing Technologies workshop (PET'02),2002:41-53.
[21]Guan Y, Fu X, Bettati R, et al. An optimal strategy for anonymous communication protocols [C]. In Proceedings of the 22nd International Conference on Distributed Computing Systems (ICDCS'02), Vienna, Austria,2002:257-266.
[22]Zhu Y, Bettati R. Anonymity vs. information leakage in anonymity systems [C]. In Proceedings of the 25th IEEE International Conference on Distributed Computing Systems (ICDCS'05), Wash-ington DC, USA,2005:514-524.
[23]ClauB S, Schiffner S. Structuring anonymity metrics [C]. In Proceedings of the Second ACM work-shop on Digital identity management(DIM'06), Alexandria, Virginia, USA,2006:55-62.
[24]Deng Y, Pang J, Wu P. Measuring anonymity with relative entropy [C]. In Proceedings of the 4th International Workshop on Formal Aspects in Security and Trust,2006:65-79.
[25]Gabber E, Gibbons P, Matias Y, et al. How to make personalized web browsing simple, secure, and anonymous [C]. In Proceedings of Financial Cryptography 97,1997:17-31.
[26]Diaz C, Serjantov A. Generalising mixes [C]. In Proceedings of Privacy Enhancing Technologies workshop (PET'03), mar 2003:18-31.
[27]时金桥Internet上匿名通信技术的研究[D].[S.1.]:哈尔滨工业大学,2007.
[28]Park C, Itoh K, Kurosawa K. Efficient anonymous channel and all/nothing election scheme [C]. In Proceedings of Advances in Cryptology-EUROCRYPT'93,1993:248-259.
[29]Golle P, Jakobsson M, Juels A, et al. Universal re-encryption for mixnets [C]. In Proceedings of RSA-Conference, Cryptographers' Track,2004:163-178.
[30]Gomulkiewicz M, Klonowski M, Kutylowski M. Onions based on universal re-encryption-anonymous communication immune against repetitive attack [C]. In International Workshop on Information Security Applications (WISA04),2004:400-410.
[31]Klonowski M, Kutylowski M, Zagorski F. Anonymous communication with on-line and off-line onion encoding [C]. In SOFSEM 2005:Theory and Practice of Computer Science,2005:229-238.
[32]Danezis G. Breaking four mix-related schemes based on universal re-encryption [C]. In Proceed-ings of Information Security Conference 2006 (ISC 2006), September 2006:46-59.
[33]Kilian J, Sako K. Receipt-free MIX-type voting scheme—a practical solution to the implementation of a voting booth [C]. In Proceedings of Advances in Cryptology (Eurocrypt'95), May 1995:393-403.
[34]Michels M, Horster P. Some remarks on a receipt-free and universally verifiable mix-type voting scheme [C]. In Proceedings of Advances in Cryptology (Asiacrypt'96), November 1996:125-132.
[35]Ogata W, Kurosawa K, Sako K, et al. Fault tolerant anonymous channel [C]. In Proceedings of International Conference on Information and Communication Security (ICICS'97),1997:440-444.
[36]Abe M. Universally verifiable mix-net with verification work independent of the number of mix-servers [C]. In Proceedings Advances in Cryptology (Eurocrypt'98), June 1998:437-447.
[37]Jakobsson M. A practical mix [C]. In Proceedings of Advances in Cryptology-Eurocrypt'98, June 1998:448-461.
[38]Desmedt Y, Kurosawa K. How to break a practical mix and design a new one [C]. In Proceedings of Advances in Cryptology (Eurocrypt'00), May 2000:557-572.
[39]Jakobsson M. Flash mixing [C]. In Proceedings of the eighteenth annual ACM symposium on Principles of distributed computing,1999:83-89.
[40]Mitomo M, Kurosawa K. Attack for flash MIX [C]. In Proceedings of Advances in Cryptology (Asiacrypt'00), December 2000:192-204.
[41]Furukawa J, Sako K. An efficient scheme for proving a shuffle [C]. In Advances in Cryptology— CRYPTO 2001,2001:368-387.
[42]Neff C A. A verifiable secret shuffle and its application to e-voting [C]. In Proceedings of ACM Conference on Computer and Communications Security (CCS'01),2001:116-125.
[43]Golle P, Zhong S, Boneh D, et al. Optimistic mixing for exit-polls [C]. In Proceedings of Advances in Cryptology (Asiacrypt'02), December 2002:593-602.
[44]陈晓峰,王育民.基于匿名通讯信道的安全电子投票方案[J].电子学报,2003,31(003):390-393.
[45]高虎明,王继林,王育民.一个基于Mix net的电子投票方案[J].电子学报,2004,32(006):1047-1049.
[46]李彦江,马传贵,黄刘生.一种电子投票方案[J].软件学报,2005,16(10):1805-1810.
[47]Chaum D. The dining cryptographers problem:Unconditional sender and recipient untraceability [J]. Journal of Cryptology,1988,1 (1):65-75.
[48]Waidner M. Unconditional sender and recipient untraceability in spite of active attacks [C]. In Proceedings of Eurocrypt'89,1989:302-319.
[49]Sirer E G, Polte M, Robson M. Cliquenet:A self-organizing, scalable, peer-to-peer anonymous communication substrate [EB/OL].2001. http://www.cs.cornell.edu/People/egs/ cliquenet/papers.html.
[50]Goel S, Robson M, Polte M, et al. Herbivore:A scalable and efficient protocol for anonymous communication [R].2003.
[51]Ahn L V, Bortz A, Hopper N J. k-Anonymous message transmission [C]. In the I Oth ACM confer-ence on Computer and communications security,2003:122-130.
[52]Sherwood R, Bhattacharjee B, Srinivasan A. P 5:A protocol for scalable anonymous communica-tion [J]. Journal of Computer Security,2005,13. (6):839-876.
[53]Dolev S, Ostrobsky R. Xor-trees for efficient anonymous multicast and reception [C]. In ACM Transactions on Information and System Security (TISSEC),2000:63-84.
[54]Shields C. Secure hierarchical multicast routing and multicast internet anonymity [D]. [S.1.]:Uni-versity of California Santa Cruz,1998.
[55]王伟平,陈建二,王建新,et al.基于组群的有限路长匿名通信协议[JJ.计算机研究与发展,2003,40(004):609-614.
[56]王伟平,陈建二,陈松乔,et al.匿名通信中短距离优先分组重路由方法的研究[J].软件学报,2004,15(4):561-570.
[57]眭鸿飞,陈建二,陈松乔,et al.重路由匿名通信系统中基于秘密共享的重路由算法[J].计算机研究与发展,2005,42(010):1660-1666.
[58]眭鸿飞,陈松乔,陈建二,et a1.基于重路由匿名通信系统的负载分析[J].软件学报,2004,15(002):278-285.
[59]Dai W. Pipenet 1.1 [EB/OL].1996. Http://www.eskimo.com/-weidai/pipenet.txt.
[60]Beimel A, Dolev S. Buses for anonymous message delivery [J]. Journal of Cryptology,2008,16 (1):25-39.
[61]Al-Muhtadi J, Campbell R, Kapadia A, et al. Routing through the mist:Privacy preserving com-munication in ubiquitous computing environments [C]. In International Conference of Distributed Computing Systems (ICDCS'02),2002:74-83.
[62]Overlier L, Syverson P. Locating hidden servers [C]. In 2006 IEEE Symposium on Security and Privacy, California, USA, May 2006:15.
[63]Dingledine R, Mathewson N, Syverson P. Tor:The second-generation onion router [C]. In Pro-ceedings of the 13th USENIX Security Symposium, San Diego, USA, August 2004:303—320.
[64]Parekh S. Prospects for remailers-where is anonymity heading on the internet.1996. http:// www.firstmonday.dk/issues/issue2/remailers/index.html.
[65]Moller U, Cottrell L, Palfrader P, et al. Mixmaster protocol-version 2. jul 2003.
[66]Danezis G, Dingledine R, Mathewson N. Mixminion:Design of a type Ⅲ anonymous remailer protocol [C]. In the 2003 IEEE Symposium on Security and Privacy, May 2003.
[67]Gulcu C, Tsudik G. Mixing E-mail with Babel [C]. In Network and Distributed System Security, 1996., Proceedings of the Symposium on, February 1996:2-16.
[68]Goldschlag D, Reed M, Syverson P. Hiding routing information [C]. In Information Hiding,1996: 137-150.
[69]赵福祥,王育民.可靠洋葱路由方案的设计与实现[J].计算机学报,2001,24(005):463-467.
[70]吴振强,杨波.追踪洋葱包的高级标记方案与实现[J].通信学报,2002,23(005):96-102.
[71]吴振强,杨波.基于葱头路由技术和MPLS的隐匿通信模型[J].西安电子科技大学学报(自然科学版),2002,29(004):513-517.
[72]Berthold O, Federrath H, Kopsell S. Web MIXes:A system for anonymous and unobservable Internet access [C]. In International Workshop on Designing Privacy Enhancing Technologies: Design Issues in Anonymity and Unobservability, Berkeley,2000:115-129.
[73]Boucher P, Shostack A, Goldberg I. Freedom system 2.0 architecture [EB].2000. http://www. freedom.net/info/whitepapers/.
[74]Back A, Goldberg I, Shostack A. Freedom 2.1 security issues and analysis [EB].2001. http:// www.freedom.net/info/whitepapers/Freedom_Security2-1.pdf.
[75]Rennhard M, Plattner B. Introducing MorphMix:peer-to-peer based anonymous Internet usage with collusion detection [C]. In the 2002 ACM workshop on Privacy in the Electronic Society, November 2002:102.
[76]Freedman M J, Morris R. Tarzan:A peer-to-peer anonymizing network layer [C]. In Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS 2002), Washington, DC, November 2002.
[77]Lu T, Fang B, Sun Y, et al. Wongoo:A peer-to-peer protocol for anonymous communication [C]. In the 2004 International Conference on Parallel and Distributed Processing Techniques and Applications (PDPTA'04), Las Vegas, Nevada, USA, June 2004:1102-1106.
[78]Anderson R. The eternity service [C]. In Pragocrypt'96,1996.
[79]Waldman M, Rubin A D, Cranor L F. Publius:A robust, tamper-evident, censorship-resistant web publishing system [C]. In the 9th USENIX Security Symposium, August 2000:59-72.
[80]Shamir A. How to share a secret[J]. Communications of the ACM,1979,22 (11):612-613.
[81]Goldberg I, Wagner D. TAZ servers and the rewebber network enabling anonymous publishing on the world wide web [J]. First Monday,1998,4 (3).
[82]Dingledine R, Freedman M, Molnar D. The free haven project:Distributed anonymous storage service [C]. In International Workshop on Designing Privacy Enhancing Technologies:Design Issues in Anonymity and Unobservability,2000:67-95.
[83]Bennett K, Grothoff C. GAP-practical anonymous networking [C]. In Privacy Enhancing Tech-nologies workshop (PET'03), March 2003:141-160.
[84]Waldman M, Mazieres D. Tangler:a censorship-resistant publishing system based on document entanglements [C]. In Proceedings of the 8th ACM Conference on Computer and Communications Security (CCS'01), November 2001:126-135.
[85]Clarke I, Sandberg O, Wiley B, et al. Freenet:A distributed anonymous information storage and retrieval system [C]. In Proceedings of Designing Privacy Enhancing Technologies:Workshop on Design Issues in Anonymity and Unobservability, July 2000:46-66.
[86]Dolev D, Yao A. On the security of public key protocols [J]. IEEE Transactions on information theory,1983,29(2):198-208.
[87]Raymond J F. Traffic analysis:Protocols, attacks, design issues, and open problems [C]. In Pro-ceedings of International Workshop on Designing Privacy Enhancing Technologies:Design Issues in Anonymity and Unobservability, July 2000:10-29.
[88]Serjantov A, Murdoch S. Message splitting against the partial adversary [C]. In Proceedings of Privacy Enhancing Technologies workshop (PET 2005),2005:26-39.
[89]Wright M, Adler M, Levine B N, et al. Defending anonymous communications against passive logging attacks [C]. In Proceedings of the 2003 IEEE Symposium on Security and Privacy, Wash-ington, DC, USA,2003:28-42.
[90]Kedogan D, Agrawal D, Penz S. Limits of anonymity in open environments [C]. In n Proceedings of Information Hiding workshop (IH'02), October 2002:53-69.
[91]Agrawal D, Kesdogan D, Penz S. Probabilistic treatment of mixes to hamper traffic analysis [C]. In Proceedings of the 2003 IEEE Symposium on Security and Privacy,2003:16-27.
[92]Mathewson N, Dingledine R. Practical traffic analysis:Extending and resisting statistical disclo-sure [C]. In Proceedings of Privacy Enhancing Technologies workshop (PET'04), May 2004:17-34.
[93]Kesdogan D, Pimenidis L. The hitting set attack on anonymity protocols [C]. In Proceedings of 6th Information Hiding Workshop, Toronto,2004:326-339.
[94]Pfitzmann B, Pfitzmann A. How to break the direct RSA-implementation of MIXes [C]. In Pro-ceedings of Advances in Cryptology—EUROCRYPT'89,1989:373-381.
[95]Pfitzmann B. Breaking an efficient anonymous channel [C]. In Proceedings of Advances in Cryp-tology—EUROCRYPT'94, May 1994:332-340.
[96]Danezis G, Laurie B. Minx:A simple and efficient anonymous packet format [C]. In Proceedings of the 2004 ACM workshop on Privacy in the electronic society, New York, NY, USA,2004: 59-65.
[97]Levine B N, Reiter M K, Wang C, et al. Timing attacks in low-latency mix systems [C]. In Pro-ceedings of Financial Cryptography (FC'04), February 2004:251-265.
[98]Felten E W, Schneider M A. Timing attacks on web privacy [C]. In Proceedings of the 7th ACM conference on Computer and communications security, New York, NY, USA,2000:25-32.
[99]Danezis G, Sassaman L. Heartbeat traffic to counter (n-1) attacks:red-green-black mixes [C]. In Proceedings of the Workshop on Privacy in the Electronic Society (WPES2003), Washington, DC, USA,2003:93.
[100]Kesdogan D, Egner J, Buschkes R. Stop-and-go-MIXes providing probabilistic anonymity in an open system [C]. In Proceedings of Information Hiding workshop, April 1998:83-98.
[101]Shi J Q, Fang B X, Shao L J. Regroup-And-Go mixes to counter the (n-1) attack [J]. Internet Research, Special Issue on Privacy and Anonymity in the Digital Era:Theory, Technologies and Practice,2006,16(2):213-223.
[102]Wright M, Adler M, Levine B N, et al. An analysis of the degradation of anonymous protocols [C]. In Proceedings of Network and Distributed Security Symposium (NDSS'02), February 2002.
[103]Douceur J R. The sybil attack [C]. In Peer-To-Peer Systems:First International Workshop(IPTPS 2002), Cambridge, Ma, USA, March 2002:251-260.
[104]Rogers M. Censorship-resistant communication over public networks [J]. UCL Research Note, 2006,6(04):1.
[105]Clayton R, Murdoch S J, Watson R N M. Ignoring the Great Firewall of China [C]//Danezis G, Golle P. In Proceedings of the Sixth Workshop on Privacy Enhancing Technologies (PET 2006), Cambridge, UK, June 2006:20-35.
[106]Panchenko A, Pimenidis L. Using trust to resist censorship in the presence of collusion [C]. In Proceedings of the 22th IFIP TC-11 International Information Security Conference (IFIP SEC 2007), Sandton, South Africa, May 2007:409-420.
[107]Ptacek T H, Newsham T N. Insertion, evasion, and denial of service:Eluding network intrusion detection [R].1998.
[108]Perng G, Reiter M K, Wang C. Censorship resistance revisited [C]. In Proceedings of Information Hiding Workshop (IH 2005), June 2005:62-76.
[109]Danezis G, Anderson R. The Economics of Censorship Resistance [C]. In Proceedings of Work-shop on Economics and Information Security (WEIS04), May 2004.
[110]Feamster N, Balazinska M, Harfst G, et al. Infranet:Circumventing web censorship and surveil-lance [C]. In Proceedings of the 1 lth USENIX Security Symposium, August 2002.
[111]陆传赉.排队论[M].北京邮电学院出版社,1994.
[112]陆大絟.随机过程及其应用[M].清华大学出版社,1986.
[113]Garriss S, Kaminsky M, Freedman M J, et al. RE:reliable email [C]. In Proceedings of the 3rd Symposium on Networked Systems Design and Implementation (NSDI'06), San Jose, CA, May 2006:297-310.
[114]Yu H, Kaminsky M, Gibbons P B, et al. Sybilguard:defending against sybil attacks via social networks [C]. In Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications,2006:278.
[115]Albert R, Barabasi A-L. Statistical mechanics of complex networks [J]. Reviews of modern physics,2002,74 (1):47-97.
[116]Erdos P, ARenyi. On random graphs [J]. Publications Mathematical,1959,6:290-297.
[117]Barabasi A-L, Albert R. Emergence of scaling in random networks [J]. Science,1999,286: 509-512.
[118]Milgram S. The small world problem [J]. Psychology Today,1967,2 (60).
[119]Newman M E J. Spread of epidemic disease on networks [J]. Physical Review E,2002,66 (1): 16128.
[120]周涛,傅忠谦,牛永伟,et a1.复杂网络上传播动力学研究综述[J].自然科学进展,2005,15(005):513-518.
[121]Anderson R M, May R M. Infectious diseases of humans [M]. Oxford University Press,1991.
[122]Newman M E J, Watts D J. Scaling and percolation in the small-world network model [J]. Physical Review E,1999,60 (6):7332-7342.
[123]Moore C, Newman M E J. Epidemics and percolation in small-world networks [J]. Physical Review E,2000,61 (5):5678-5682.
[124]Pastor-Satorras R, Vespignani A. Epidemic spreading in scale-free networks [J]. Physical review letters,2001,86 (14):3200-3203.
[125]Baset S A, Schulzrinne H. An analysis of the skype peer-to-peer internet telephony protocol [C]. In Proc.25th IEEE International Conference on Computer Communications (INFOCOM 2006), Barcelona, Spain, Apr 2006:1-11.
[126]Biondi P, Desclaux F. Silver needle in the Skype [C]. In BlackHat Europe'06, Amster-dam,Netherlands, Mar 2006.
[127]Garfinkel S L. VoIP and Skype security [J]. Skype Security Overview-Rev,2005:1-5.
[128]Liang J, Kumar R, Ross K W. The KaZaA overlay:A measurement study [J]. Computer Networks Journal (Elsevier),2005,49 (6).
[129]Skype API reference. https://developer.skype.com/Docs/ApiDoc.
[130]Reed M, Syverson P, Goldschlag D. Anonymous connections and onion routing [J]. IEEE Journal on Selected areas in Communications,1998,16 (4):482-494.
[131]Diffie W, Hellman M. New directions in cryptography [J]. IEEE Transactions on information The-ory,1976,22 (6):644-654.
[132]Bonfiglio D, Mellia M, Meo M, et al. Detailed analysis of skype traffic [J]. IEEE Transactions on Multimedia,2009,11 (1):117-127.
[133]Martin D, Schulman A. Deanonymizing users of the safeweb anonymizing service [C]. In Proc. 11th USENIX Security Symposium, August 2002.
© 2004-2018 中国地质图书馆版权所有 京ICP备05064691号 京公网安备11010802017129号 地址:北京市海淀区学院路29号 邮编:100083 电话:办公室:(+86 10)66554848;文献借阅、咨询服务、科技查新:66554700 |