ArticlePDF Available

Anonymity communication VPN and Tor: a comparative study

Authors:

Abstract and Figures

VPN and Tor is a technology based on anonymity communication. These two technologies have their advantage and disadvantage. The objective of this paper is to find the difference between VPN and Tor technologies by comparing their security of communication on the public network based on the CIA triad concept. The comparative study in this paper is based on the survey method. At last, the result of this paper is a recommendation on when to use a VPN and Tor to secure communication
Content may be subject to copyright.
Journal of Physics: Conference Series
PAPER • OPEN ACCESS
Anonymity communication VPN and Tor: a
comparative study
To cite this article: E Ramadhani 2018 J. Phys.: Conf. Ser. 983 012060
View the article online for updates and enhancements.
Related content
The comparative study for the isotropic
and orthotropic circular plates
C Popa and G Tomescu
-
Vaccination Strategies: a comparative
study in an epidemic scenario
D. B. Prates, C. L. T. F. Jardim, L. A. F.
Ferreira et al.
-
Modeling and comparative study of linear
and nonlinear controllers for rotary
inverted pendulum
Byron Lima, Ricardo Cajo, Víctor Huilcapi
et al.
-
This content was downloaded from IP address 139.81.165.1 on 06/04/2018 at 13:32
1
Content from this work may be used under the terms of the Creative Commons Attribution 3.0 licence. Any further distribution
of this work must maintain attribution to the author(s) and the title of the work, journal citation and DOI.
Published under licence by IOP Publishing Ltd
1234567890 ‘’“”
International Conference on Mathematics, Science and Education 2017 (ICMSE2017) IOP Publishing
IOP Conf. Series: Journal of Physics: Conf. Series 983 (2018) 012060 doi :10.1088/1742-6596/983/1/012060
Anonymity communication VPN and Tor: a comparative
study
E Ramadhani1,*
1Department of Industrial Engineering, Faculty of Industrial Technology, Universitas
Islam Indonesia
*Corresponding author: erika@uii.ac.id
Abstract. VPN and Tor is a technology based on anonymity communication. These two
technologies have their advantage and disadvantage. The objective of this paper is to find the
difference between VPN and Tor technologies by comparing their security of communication
on the public network based on the CIA triad concept. The comparative study in this paper is
based on the survey method. At last, the result of this paper is a recommendation on when to
use a VPN and Tor to secure communication
1. Introduction
Anonymity communication is a communication that provides a hiding services on the Internet. The
aim is to secure the communication line from an authorized user. Virtual Private Network (VPN) and
The onion routing (Tor) are examples of anonymity communication. VPN and Tor have the same
tunneling model communication, and they are also using encryption technology to reach the integrity
of data. VPN usually implemented in an enterprise, while Tor tends to be used in a darknet side of the
Internet.
The problem is although VPN and Tor have a similarity in their purpose, we cannot implement it
arbitrarily. Inappropriate use may cause a fatal error in a network security system. We need to know
on when to use between VPN and Tor; we need to do a comparative study between VPN and Tor
regarding the security of communication. The comparative study is based on the survey method. The
comparison covers the technology that has been used, the vulnerability of system so we can see the
advantage and the disadvantages of the system, and the comparison based on the CIA triad concept in
network security.
The result of this paper may be used as a recommendation when to use a VPN and Tor to get a
secure communication based on anonymity communication.
2. Theoretical Background
2.1. Virtual Private Networks (VPN)
VPN is a network technology for securing communications lines between members or groups that
together use public communications infrastructure that provides privacy services to communication
lines using security and tunneling protocols. Characteristic of the VPN itself is the use of tunnels that
provide security privacy to the communication path between nodes. VPN technology is usually called
2
1234567890 ‘’“”
International Conference on Mathematics, Science and Education 2017 (ICMSE2017) IOP Publishing
IOP Conf. Series: Journal of Physics: Conf. Series 983 (2018) 012060 doi :10.1088/1742-6596/983/1/012060
VPN tunneling. Tunneling is a network technology that encompasses one type of protocol that
contains packets and datagrams from different protocols [1]. For example, a Windows VPN uses
point-to-point tunneling (PPTP) protocol package to complement and transmit private network traffic
such as TCP / IP over public networks such as the Internet.
2.2. The onion routing (Tor)
The Onion Routing (Tor) is a computer network technology that uses the routing process to several
hops to get to the destination. During the routing process to some hops, the encryption process occurs.
The encryption process is done three times by the hops that passed. Tor provides the type of data
delivery security from the anonymity side of the communication path. The client will be connected to
the destination by passing through 3 relays namely entry node, middle relay, and exit relay. These
three relays will then perform the process of encryption of the data [2].
2.3. CIA Triad Concept
Security components in the computer network system consisting of three kinds of confidentiality,
integrity, and availability commonly abbreviated to the CIA. Essential components related to data
communications security are confidentiality and integrity. Confidentiality is usually associated with
data confidentiality. Data or information can only be read by an authenticated user. Usually, the
implementation is using cryptographic techniques in the process of sending data. Two things to
consider in confidentiality, are data confidentiality and privacy. Integrity relates to the authenticity of
data that already transmitted, requires unmanipulated data. While the availability associated with the
provision of services to access data or information by the user. Systems should always be available to
provide services to users [3]. Two important things to note on this point are data integrity and system
integrity.
3. Methods
This research method is done by doing a comparative review of previous research papers that talk
about VPN and Tor. To compute the system against VPN and Tor, it is necessary to consider the
security characteristics of data communications that have been discussed previously, namely
confidentiality, integrity, and availability. The research flow is shown in Figure 1.
4. Result and Discussion
The result of security comparison of data communication between VPN and Tor is divided into two
categories: based on security components and based on weaknesses in topology and technology used.
Figure 1. Flowchart of research
Start Data Collection Data Processing
Analysis and
Comparative
Study
Result Recomendation
End
3
1234567890 ‘’“”
International Conference on Mathematics, Science and Education 2017 (ICMSE2017) IOP Publishing
IOP Conf. Series: Journal of Physics: Conf. Series 983 (2018) 012060 doi :10.1088/1742-6596/983/1/012060
The following is the result of comparison of data communication security between VPN and Tor,
shown in Table 1.
Table 1. Comparison between VPN and Tor based on CIA triad concept
Confidentiality
Integrity
Availability
Tunneling encryption
SSL/TLS and digital
signature
Integrity check
Conventional authentication
Using AH and ESP
protocol [4]
Good performance by
using sustainable ping
process [5]
Three hops tunneling
encryption
Negotiation secret key
Using TLS/SSLv3 Protocol
Using SOCKS proxy
Using symmetric crypto
Sustainable
communication by
using relay
Low latency
In this section, the discussion will cover the differences between VPN and Tor based on
communication security from CIA components. The subject matter will be based on the table 2 of
relationships between Security Services and Mechanisms written by Stallings, W.
Table 2. Relationship between security services and mechanisms
Service
Enciphermen
t
Digital
Signature
Data
Integrity
Authenticati
on Exchange
Routi
ng
Control
Confidentialit
y
Y
Y
Data Integrity
Y
Y
Y
Availability
Y
Y
4.1. Confidentiality
Confidentiality is one component of system security that maintains the confidentiality of a data. In this
section includes two concepts of data confidentiality and privacy. In the data confidentiality that is
concerned is the protection of data from access from outside that is not authorized. In the VPN, the
aspect of confidentiality is shown in the use of tunneling encryption. Encryption tunneling on a VPN
is an aspect that encrypts all data passing through its path. This encryption technology allows data
confidentiality to be maintained. The existence of this encryption technology also prevents an
unauthorized user from being able to read the contents of the transmitted data, even though the
intruder can intercept the data. Tunneling technology used by the VPN is the routing process is done
directly from the source to the destination. While the technology used by Tor, the encryption process
is done by three layers. This is done to avoid sniffing the data contents by the attacker. Also, to
achieve the goal of the Tor is anonymous communication. Tunneling used in Tor is a routing process
done by passing through 3 relays [6].
4.2. Integrity
This section discusses how VPN and Tor can maintain data integrity. On VPN there are three types of
protocols used for site-to-site connections: PPTP, L2TP over IPSec, and IPsec tunnel mode. In PPTP-
VPN the technology does not provide a guarantee of data integrity. PPTP also does not provide Public
Key Infrastructure (PKI) to check computer certificates [7]. While on the IP-Sec VPN there is a
4
1234567890 ‘’“”
International Conference on Mathematics, Science and Education 2017 (ICMSE2017) IOP Publishing
IOP Conf. Series: Journal of Physics: Conf. Series 983 (2018) 012060 doi :10.1088/1742-6596/983/1/012060
process of authentication, data integrity and encryption services to protect data from unauthorized
users and possible data modification. The protocols used are Authentication Header (AH) and
Encapsulated Security Payload (ESP). For L2TP is a combination of Microsoft Point-to-Point
Tunneling Protocol (PPTP) and Cisco L2F. Usually, L2TP does not provide encryption technology, so
L2TP is often implemented in conjunction with IPsec. IPSec provides two of key management; they
are Manual Key Management and Automated Key Management. HMAC-Message Diggest 5 (HMAC-
MD5) and HMAC Secure Hash Algorithm 1 (HMAC-SHA1) is the two popular algorithm in a VPN
gateway that uses for verifying the integrity of data. VPN also uses Diffie-Hellman Group 1 (DH-1) &
Diffie-Hellman Group 2 (DH-2) as an encryption algorithms, but it is not a data integrity algorithms.
OpenVPN is an open source technology that uses OpenSSL encryption libraries and SSL v3 / TLS
v1 protocols. The configuration allows using AES or Blowfish encryption technology [8]. A Hashed
Message Authentication Code (HMAC) is a data integrity algorithm that ensures the integrity of the
message.
Table 3. Vulnerabilities Comparison between VPN and Tor
VPN
Tor
Type of attacks:
VPN Hijacking
Man in the Middle
Attacks
Type of attacks:
End-to-end attacks
Tagging attacks[9]
Lack of topology:
In many enterprises provided
a connection between
wireless and wired based.
Usually, the Ethernet jack is
open, but 802.1X enabled
authentication. This
condition called the hidden
wireless router (HWR)
vulnerability.
The IP address is not
restricted because ISP could
see it as an exit point.
Lack of topology:
Entry node and exit node is the vulnerable part.
According to [10], Tor exit node is the
vulnerability section. One of many categories of
attack is a malicious exit node modifies
webpages, inserting JavaScript code that
repeatedly connects to a logger server and
sending a distinctive signal along the link. If the
client uses a malicious entry node while
JavaScript is active, the entry node can detect
the signal and attacker can associate the client
using his communication.
We can not trust a relay in the onion network,
one of them maybe can act as an attacker.
In Tor, the integrity of the data draws much criticism and praise. Keep in mind Tor consists of
many relays hosted by volunteers. You can imagine many relays if more hosts are willing to be a node
inside a Tor network. So based on the exposure, the Tor topology will make the data becomes more
difficult to know where it came from and where to go. The encryption technology used is three layers
and passes the path using the TLS protocol. Here is a translation of Tor technology used regarding
data integrity:
Tor uses SOCKS proxy.
Before establishing the inter-node communication circuit, Tor uses Public Key Crypto.
Communication between circuits using Diffie-Helman crypto symmetric.
SIG: a signature of a SHA256 hash and OAEP-MGF1 padding
Tor also uses RSA and Diffie-Helman as an encryption algorithms, these two is not a data integrity
algorithms. In a study conducted by Seongmin Kim et al, they recommended an approach to improve
5
1234567890 ‘’“”
International Conference on Mathematics, Science and Education 2017 (ICMSE2017) IOP Publishing
IOP Conf. Series: Journal of Physics: Conf. Series 983 (2018) 012060 doi :10.1088/1742-6596/983/1/012060
security and privacy on the use of Tor using the Intel SGX they call SGX-Tor. Systems created based
on trusted computing. In a simple Tor topology, key pairs are stored as files, so there is the possibility
of a key leak. SGX-Tor protects cryptographic operations and wraps keys before being stored in a file
[11].
4.3. Availability
The more critical a service or component, the higher level of availability required. Interruptions that
occur in the service will cause the user cannot access the computer resources The assumption is when
a system provides authentication services for a critical application then the system can guard the
against the downtime and unreachable due to malicious actions. Based on table 2, the criteria reaching
the availability of a system is to have data integrity and authentication exchange mechanisms. VPN
and Tor have their data integrity and authentication exchange mechanisms that presented in section
5.2. VPN has their availability in one to one connection line straight from source to destination
without a low latency. While Tor is more slow because of its low latency, but the system is never
going down because the architecture is based on distributed system relay. The two has their advantage
in this section.
Table 4. Advantage and disadvantage between VPN and Tor
Communication
Advantage
Disadvantage
VPN
Fast
More secure than Tor if there
is no log in VPN provider.
Suitable for P2P filesharing
Not secure if the log could see
by VPN provider
IP address is known as exit
point or server
Sometimes not free
Tor
IP address is completely
secret
The topology is based on
distributed network
Free and open source
Not suitable for P2P
filesharing
Inefficient because of the low
latency
As conclution, in this section, we provide a recommendation when to use a VPN and Tor. Before
we are implementing between VPN or Tor, we should know the vulnerability of that two systems. The
vulnerability of VPN and Tor show on table 3. These vulnerabilities based on the type of attacks and
the lack of system topology. VPN is faster than Tor. Tor is very slow because the data is bounced
randomly through manfy relays which could be anywhere in the world. We do not need to trust anyone
while using Tor because it is completely anonymised. For such filesharing activities and streaming
geo-restricted media content, using VPN is better than a Tor. VPN very secure as long as there are no
logs at VPN provider. Tor is always oriented by mafia whistleblower or a dissident living under the
regime. VPN provider knows your real IP address and can see the internet traffic at the exit point but
not in Tor. To see the difference between VPN and Tor, we can see the summarized in table 4 based
on advantage and disadvantage. The use of Tor and VPN depends on how you want to use it.
According to [12] OnionCat is an application that using Tor's hidden services and implemented in a
layer between a client application and the Tor proxy. OnionCat and Tor claimed that it is a new kind
of anonymous VPN.
5. Conclusion
In this paper, we presented the difference between VPN and Tor based on their secure communication.
The purpose of VPN and Tor is very similar, i.e., to maintain internet users' online anonymity and to
6
1234567890 ‘’“”
International Conference on Mathematics, Science and Education 2017 (ICMSE2017) IOP Publishing
IOP Conf. Series: Journal of Physics: Conf. Series 983 (2018) 012060 doi :10.1088/1742-6596/983/1/012060
evade firewalls. The use of VPN and Tor depends on how you want to use it. Each has their
advantages and disadvantages. We can combine it to get more secure communication. One thing to
note is there is no such a thing as a fully guarantee of anonymity. Just use it wisely based on our
necessity.
References
[1] Jha R, Kharga P, Bholebawa I Z, Satyarthi S and Kumari S 2014 International Journal of
Computer Network and Information Security 6 49
[2] Ramadhani E and Luthfi A 2011 Adv. Sci. Lett. 4 400
[3] Kolkowska E, Hedström K and Karlsson F 2009 Information security goals in a Swedish
hospital Secur. Assur. Priv. Organ. Challenges. Proc. 8th Annu. Secur. Conf., pp. 111,
[4] Gokulakrishnan J 2014 Indian J. Comput. Sci. Eng. 5 135
[5] Nawej M C 2016 Evaluation of virtual private network impact on network
performance (unpublished article)
[6] Çalışkan E, Minárik T and Osula A M 2015) Technical and legal overview of the tor anonymity
network (NATO Cooperative Cyber Defence Centre of Excellence)
[7] Behm B J, Roth G B and Rubin G A 2017 U.S. Patent No. 9,780,952. (Washington, DC: U.S.
Patent and Trademark Office)
[8] Verma A, Kaur S and Chhabra B 2017 International Journal of Computer Science and
Information Security 15 66
[9] Syverson P 2013 Practical Vulnerabilities of the Tor Anonymity Network (Advances in Cyber
Security: Technology, Operation, and Experiences)
[10] Abbott T G, Lai K J, Lieberman M R and Price E C 2007 Browser-based attacks on Tor.
PET'07 Proceedings of the 7th International Conference on Privacy Enhancing
Technologies, pp. 184-199. Berlin, Heidelberg: Springer-Verlag.
[11] Kim S M, Han J, Ha J, Kim T and Han D 2017 Enhancing Security and Privacy of Tor's
Ecosystem by Using Trusted Execution Environments In NSDI (pp. 145-161).
[12] Scaife N, Carter H and Traynor P 2015 OnionDNS: A seizure-resistant top-level domain.
In Communications and Network Security (CNS), 2015 IEEE Conference on (pp. 379-387).
IEEE.
... As advancements in computer network technology continue and various devices connect to the Internet, user privacy becomes increasingly vulnerable to malicious attacks. While encryption technologies like VPNs and Tor (Ramadhani 2018) offer protection to users (Sharma, Dangi, and Mishra 2021;Xiao et al. 2024), they can paradoxically serve as tools for attackers to conceal their identities. Traditional data packet inspection (DPI) methods have lost effectiveness against encrypted traffic (Papadogiannaki and Ioannidis 2021). ...
Preprint
Full-text available
With the growing significance of network security, the classification of encrypted traffic has emerged as an urgent challenge. Traditional byte-based traffic analysis methods are constrained by the rigid granularity of information and fail to fully exploit the diverse correlations between bytes. To address these limitations, this paper introduces MH-Net, a novel approach for classifying network traffic that leverages multi-view heterogeneous traffic graphs to model the intricate relationships between traffic bytes. The essence of MH-Net lies in aggregating varying numbers of traffic bits into multiple types of traffic units, thereby constructing multi-view traffic graphs with diverse information granularities. By accounting for different types of byte correlations, such as header-payload relationships, MH-Net further endows the traffic graph with heterogeneity, significantly enhancing model performance. Notably, we employ contrastive learning in a multi-task manner to strengthen the robustness of the learned traffic unit representations. Experiments conducted on the ISCX and CIC-IoT datasets for both the packet-level and flow-level traffic classification tasks demonstrate that MH-Net achieves the best overall performance compared to dozens of SOTA methods.
... In VPNs, customer-edge devices can be associated with provider-edge routers. They provide privacy and anonymity by hiding the real internet protocol address and are particularly useful when connecting public Wi-Fi networks to reduce potential hacking attacks [30]. ...
Article
Full-text available
Network Virtualization (NV) techniques enable high scalability and isolation by abstracting physical resources to provide a logical network representation that can coexist with a physical networking framework. Traditional NV is prone to security attacks and has lower privacy and trustfulness compared to blockchain-established NV. We diagnose the BC-established NV construct under 5 segments and closely appraise the literature in reference to NV technique, virtualization technology, BC-related properties, and network properties. We racked up a starting sample of 85 sources by filtering literary work for qualifying conditions searched from article retrieval platforms, engaging a rigorous and prolonged approach. Anchored from this research, in BC-established NV, we demonstrate that BC can act as a broker/manager for NV, act as a secure storage by preventing double-spending attacks, provide secure virtual network embedding with high fault tolerance, engage BC and smart contacts for resource trading in the process of NV, engage dedicated consensus approaches to reach agreement for NV among multiple parties for reducing security attacks, and establish BC-established access control for NV. Complete interpretation disseminates that from interpreted BC-established NV schemes, 45% engage BC and smart contracts for agreements and resource trading for NV, 95% engage regular BC architecture, Proof-of-Work (PoW) and Practical Byzantine Fault Tolerance (PBFT) being the most frequently used consensus, 80% engage the overlay network concept, and it has been engaged abundantly (27.5%) in 5G networks. Finally, we deliberate the possibilities and obstacles of the framework of blockchain-established NV and then provide suggestions to suppress them.
... Eis a principal diferença entre anonimização e anonimato: enquanto a anonimização é resultado de um tratamento realizado sobre os dados já criados e disponíveis e, portanto, pode ser reversível 12 , o anonimato consiste em um esforço do usuário ou da usuária em relação aos seus próprios dados que se realiza antes mesmo de sua criação ou disponibilização, viabilizado por instrumentos como VPN e The Onion Routing (Tor), duas ferramentas que têm o mesmo modelo de comunicação por tunelamento 13 e usam a tecnologia de criptografia para garantir a integridade dos dados (Ramadhani, 2018). ...
Article
Full-text available
Based on the need to expand, in the virtual age, the list of fundamental rights available to the accused person in the same proportion that procedural practices that use technological resources are extended to their disadvantage, the article proposes to answer the following question: would the accused person have the right to digital anonymity? Without disregarding the need for state intervention when used in the practice of criminal offences, the paper methodologically proposes an interdisciplinary bibliographical review to conceptualize anti-forensic techniques as important tools for protecting the right of the accused person not to produce digital evidence against them, highlighting anonymity as one of its most effective tools and defending the relevance of its legal protection in the cyber age.
... Although Internet security is improved for a regular user, encryption technologies also provide a convenient disguise for some malicious attackers. Moreover, some privacy-enhanced tools like VPN and Tor [26] may be utilized to achieve illegal network transactions, such as weapon trading and drug sales, where it is difficult to trace the traffic source [13]. Traditional data packet inspection (DPI) methods concentrate on mining the potential patterns or keywords in data packets, which is time-consuming and loses its accuracy when facing encrypted traffic [24]. ...
Preprint
Full-text available
Encrypted traffic classification is receiving widespread attention from researchers and industrial companies. However, the existing methods only extract flow-level features, failing to handle short flows because of unreliable statistical properties, or treat the header and payload equally, failing to mine the potential correlation between bytes. Therefore, in this paper, we propose a byte-level traffic graph construction approach based on point-wise mutual information (PMI), and a model named Temporal Fusion Encoder using Graph Neural Networks (TFE-GNN) for feature extraction. In particular, we design a dual embedding layer, a GNN-based traffic graph encoder as well as a cross-gated feature fusion mechanism, which can first embed the header and payload bytes separately and then fuses them together to obtain a stronger feature representation. The experimental results on two real datasets demonstrate that TFE-GNN outperforms multiple state-of-the-art methods in fine-grained encrypted traffic classification tasks.
... • Freedom to express their views • Freedom from societal pressures • To remain untraceable by the government • To protect themselves and their personal safety • To prevent data miners collecting their information [9] These are all reasons for someone to use the Tor network, and if they do so, they expect to remain hidden. Tor employs many techniques to keep their users protected such as onion routing, use of asymmetric cryptography and scrambling of web requests [21]. ...
Article
Full-text available
Data breaches are a critical issue and have become one of the top widespread risks in today’s data-driven digital environment. Hence, Secure data outsourcing is essential in today’s digital communications. The current interconnected network lack many core features, including privacy and security, which make it vulnerable to data leakages when transmitting sensitive information during critical circumstances (e.g., natural and human disasters). In this paper, we propose a network model that can be employed as a future private network paradigm to promptly and securely transmit confidential data, hence minimizing the chances of breaches. Our schemes provide the following contributions: (1) design a private novel network architecture to disseminate multilevel confidential packets using two routers; (2) Develop several heuristics to reduce an NP-hard problem to find an optimal solution for the studied problem; (3) Employee a developed scheduler for selecting the best algorithm that schedule packets securely and timely through two routers such that critical data packets associated to the same confidential level are prohibited from being transmitted at the same time; (4) conduct an analysis study to compare the developed heuristics and to prove the practicality of the proposed solution. The experimental results show the performance of the proposed heuristics. The results showed that the best heuristic is IFP2 in 84.4% of cases.
Article
This article explores key ethical and security challenges related to exploitation of open-source intelligence (OSINT) in research on online terrorist propaganda. In order to reach this objective, the most common approaches to OSINT-based projects are analysed through the lens of some of the most recognized ethical guidelines in science, which allowed several core dilemmas to be identified. First of all, this study discusses how personal data protection rules are applicable to investigations of potentially dangerous subjects, such as members and followers of Violent Extremist Organizations (VEOs). In addition, the author examines potential threats to the safety of researchers and the scientific infrastructure used in OSINT-based projects. He also discusses the risks of incidental findings and malevolent use of research results. Finally, drawing from existing legal regulations and good practices in other fields, as well as the author’s previous experience in OSINT-based analyses of online terrorist activities, this article explores basic means of tackling these dilemmas.
Article
Full-text available
This paper presents findings of information systems security (ISS) goals found in policies, guidelines, and routines, i.e. in the formal system, at a Swedish hospital. The purpose of the paper is to analyze the ISS goals and relate them to confidentiality, integrity and availability (CIA) that are traditional objectives for managing ISS in organizations. A critical view on the CIA-triad has been taken in the study, to see how it is related to a hospital setting. Seven main ISS goals and 63 sub-goals supporting the main goals were identified. We found that the CIA-triad covers three of these main-goals. Confidentiality and integrity, however, have a broader definition in the hospital-settings than the traditional definitions. In addition we found four main ISS goals that the CIA-triad fails to cover. These are 'Follow ISS laws, rules and standards,' 'Traceability,' 'Standardized information' and 'Informed patients and/or family.' These findings contribute to the ongoing discussion about objectives in ISS management.
Article
This paper presents a complete guideline for developing OpenFlow infrastructure. OpenFlow is standard network protocol to manage traffic between routers and Ethernet Switches. This approach will help to create the next generation virtual network, which provides the solution for network management, flow control of packets, delay optimization etc without interfering the backbone network. Here a brief idea about all the supporting tools involved in the journey of OpenFlow has been introduced. This paper provides a solution with top to bottom approach to install OpenFlow network tools. On the basis of one by one approach user is able to solve the problem appeared during the installation with proper justifications.
Article
Damage mechanical behaviors of glass fiber reinforced composites for wind energy applications are studied using numerical method. Several different modeling techniques of damage initiation and propagation are presented. Unit cell models with single fiber and with multi-fiber are modeled by cohesive element model, surfacebased cohesive model and extended finite element method (XFEM), respectively. These modeling approaches are compared and led to very close results. Based on the comparison of the strong sides of different modeling techniques, the combination of them is implemented in the same cell models, i.e., different damageable parts in composites (matrix cracks, fiber/matrix interface damage and fiber fracture) are modeled by different modeling techniques. Results indicated that they can be simultaneously used successfully.
Conference Paper
This paper describes a new attack on the anonymity of web browsing with Tor. The attack tricks a user's web browser into sending a distinctive signal over the Tor network that can be detected using traffic analysis. It is delivered by a malicious exit node using a man-in-the- middle attack on HTTP. Both the attack and the traffic analysiscan be performed by an adversary with limited resources. While the attack can only succeed if the attacker controls one of the victim's entry guards, the method reduces the time required for a traffic analysis attack on Tor from O(nk) to O(n + k), where n is the number of exit nodes and k is the number of entry guards. This paper presents techniques that exploit the Tor exit policy system to greatly simplify the traffic analysis. The fundamental vulnerability exposed by this paper is not specific to Tor but rather to the problem of anonymous web browsing itself. This paper also describes a related attack on users who toggle the use of Tor with the popular Firefox extension Torbutton.
Technical and legal overview of the tor anonymity network
  • E Çalışkan
  • T Minárik
  • A M Osula
Çalışkan E, Minárik T and Osula A M 2015) Technical and legal overview of the tor anonymity network (NATO Cooperative Cyber Defence Centre of Excellence)
Enhancing Security and Privacy of Tor's Ecosystem by Using Trusted Execution Environments In NSDI
  • S M Kim
  • J Han
  • J Ha
  • Kim T Han
Kim S M, Han J, Ha J, Kim T and Han D 2017 Enhancing Security and Privacy of Tor's Ecosystem by Using Trusted Execution Environments In NSDI (pp. 145-161).
  • R Jha
  • P Kharga
  • I Z Bholebawa
  • S Satyarthi
  • S Kumari
Jha R, Kharga P, Bholebawa I Z, Satyarthi S and Kumari S 2014 International Journal of Computer Network and Information Security 6 49
  • E Ramadhani
  • A Luthfi
Ramadhani E and Luthfi A 2011 Adv. Sci. Lett. 4 400
  • A Verma
  • S Kaur
  • B Chhabra
Verma A, Kaur S and Chhabra B 2017 International Journal of Computer Science and Information Security 15 66