Overlay networks (proxy networks) have been used as a communication infrastructure to allow applications to communicate with users without revealing their IP addresses. Such proxy networks are used to enhance application security; including protecting applications from direct attacks and infrastructure Denial-of-Service attacks. However, the conditions under which such approaches can hide application location are not well understood. To shed light on this question, we develop a formal framework for proxy network approach to location-hiding which encompasses most of the proposed approaches. It is used to characterize how attacks, defenses, and correlated host vulnerabilities affect the feasibility of location-hiding. Overlay networks have been proposed as a means to provide applications with new security capabilities. In particular, overlay networks are used as proxies which mediate the communication between applications and their users without revealing application IP addresses. This capability to allow communication without revealing IP addresses is also known as location-hiding or application hiding, and the essence of it is indirect communication. This capability can support anonymous communication, protect applications and hosts from direct attacks, and protect the supporting physical infrastructure of an application from Denial-of-Service (DoS) attacks.

Sign up to vote on this title
UsefulNot useful