Detect Slitheen by analyzing the browsing behaviors and forcing retransmission

摘要

Previous studies on decoy routing did not consider the impact of content delivery networks (CDN). The CDN are widely used by popular websites which should not be ignored. In this paper, we take the first step to study the problem of applying the decoy routing in the CDN. In detail, we take Slitheen, which is one of the most advanced decoy routing techniques as our research object, and design the detection attacks from the following aspects: replacing the CDN edge servers; analyzing retransmission latency; comparing ciphertexts; analyzing the page loading duration. If Slitheen exposes its users to the censor, they will be in great danger in some repressive regimes. In order to reinforce Slitheen, we propose attack plans from the perspective of the attacker. To the best knowledge of the authors, our work is the first research on decoy routing in the CDN. By simulations, we demonstrate the feasibility of our detection scheme. We show that using our attack methods, the packet-sending frequency, the retransmission delay, and the page loading durations of Slitheen sessions are all obviously different from regular ones.