DoS attacks to degrade the performance of the Tor network

A team of researchers from Georgetown University and the US Naval Research Laboratory analyzed the resilience of the anonymous Tor network to attacks that cause denial of service (DoS). Research into compromising the Tor network has been built around censorship (blocking access to Tor), detecting requests made through Tor in transit traffic, and analyzing the correlation of traffic flows before the entry node and after the Tor exit node in order to de-anonymize users. This study shows that DoS attacks on Tor are overlooked and that, at a cost of thousands of dollars per month, they can cause disruption to Tor that may force users to stop using it because of poor performance.

The researchers proposed three scenarios for carrying out DoS attacks: creating congestion among bridge nodes, creating a load imbalance, and creating congestion among relays. Carrying these out requires the attacker to have a throughput of 30, 5 and 3 Gbit/s, respectively. In monetary terms, running the attack for one month would cost 17, 2.8 and 1.6 thousand dollars. For comparison, a direct DDoS attack to disrupt Tor would require 512.73 Gbit/s of bandwidth and cost $7.2 million per month.

The first method, at a cost of 17 thousand dollars per month, floods a limited set of bridge nodes with 30 Gbit/s of traffic and would reduce client download speed by 44%. During the tests, only 12 of the 38 obfs4 bridge nodes remained operational (they are not listed in the public directory servers and are used to bypass the blocking of guard nodes), which makes it possible to selectively flood the remaining bridge nodes. The Tor developers could double the maintenance costs and restore the missing nodes, but the attacker would then need to increase their costs to $31 per month to attack all 38 bridge nodes.

The second method, which requires 5 Gbit/s for the attack, is based on disrupting the centralized TorFlow bandwidth measurement system and can reduce the average client download speed by 80%. TorFlow is used for load balancing, which allows an attack to disrupt the distribution of traffic and route it through a limited number of servers, causing them to overload.

The third method, for which 3 Gbit/s is enough, is based on using a modified Tor client to create parasitic load, which reduces client download speed by 47% at a cost of 1.6 thousand dollars per month. By increasing the cost of the attack to 6.3 thousand dollars, client download speed can be reduced by 120%. Instead of the standard construction of a chain of three nodes (entry, middle and exit node), the modified client uses a chain of 8 nodes, the maximum number of hops between nodes that the protocol allows. It then requests the download of large files and suspends read operations after sending the requests, but continues to send SENDME control commands that instruct the entry nodes to keep transmitting data.
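The flow-control behaviour the third method relies on can be modelled in a few lines. The following Python sketch is an added example, not code from the study or from Tor: it assumes Tor's default circuit window of 1000 cells with one SENDME per 100 cells, and uses a constructed `cell_digest` stand-in to show how requiring each SENDME to carry a digest of the acknowledged cell (the idea behind Tor's authenticated SENDME, which the article does not discuss) stops a non-reading client from keeping the window open.

```python
import hashlib

WINDOW_START = 1000      # assumed: Tor's default circuit window, in cells
WINDOW_INCREMENT = 100   # assumed: cells acknowledged by one SENDME


def cell_digest(n):
    """Constructed stand-in for the digest only a real receiver of cell n knows."""
    return hashlib.sha256(b"cell-%d" % n).digest()


class Sender:
    """Exit-side sender that stops when its package window reaches zero."""

    def __init__(self, require_digest):
        self.window, self.sent = WINDOW_START, 0
        self.require_digest = require_digest
        self.expected = []   # digests of cells that should trigger a SENDME

    def send_available(self, limit):
        while self.window > 0 and self.sent < limit:
            self.sent += 1
            self.window -= 1
            if self.sent % WINDOW_INCREMENT == 0:
                self.expected.append(cell_digest(self.sent))

    def on_sendme(self, digest=None):
        """Return False (tear the circuit down) on an invalid SENDME."""
        want = self.expected.pop(0) if self.expected else None
        if self.require_digest and (want is None or digest != want):
            return False
        if self.window + WINDOW_INCREMENT > WINDOW_START:
            return False
        self.window += WINDOW_INCREMENT
        return True


def simulate(reads, acks, require_digest, limit=5000):
    """Cells the sender emits toward a client that does or does not read/ack."""
    sender, acked = Sender(require_digest), 0
    while sender.sent < limit:
        sender.send_available(limit)
        if not acks or acked + WINDOW_INCREMENT > sender.sent:
            break
        while acked + WINDOW_INCREMENT <= sender.sent:
            acked += WINDOW_INCREMENT
            # A client that never read the cell cannot know its digest.
            digest = cell_digest(acked) if reads else None
            if not sender.on_sendme(digest):
                return sender.sent
    return sender.sent
```

A client that neither reads nor acknowledges is capped at one window (1000 cells); one that acknowledges without reading receives the full 5000 cells unless digests are required, in which case the circuit is torn down after the first window.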

It is noted that initiating a denial of service is noticeably more effective than organizing a DoS attack using the Sybil method at the same cost. The Sybil method involves placing a large number of relays on the Tor network, on which circuits can be dropped or bandwidth reduced. Given an attack budget of 30, 5 and 3 Gbit/s, the Sybil method achieves a performance reduction for 32%, 7.2% and 4.5% of exit nodes, respectively, whereas the DoS attacks proposed in the study cover all nodes.

If we compare the costs with other types of attacks, an attack to de-anonymize users with a budget of 30 Gbit/s would give control over 21% of entry nodes and 5.3% of exit nodes, and would achieve coverage of all nodes in a chain in 1.1% of cases. For budgets of 5 and 3 Gbit/s, the effectiveness would be 0.06% (4.5% of entry nodes, 1.2% of exit nodes) and 0.02% (2.8% of entry nodes, 0.8% of exit nodes).

source: budenet.ru
