A Pseudonym-based Anonymous Routing Mechanism under Multi-controller SDN Architecture

Abstract

Anonymous communication technology has been proposed to conceal the identity and communication relationship of both parties in communication, mitigating the threats of communication surveillance. However, the traditional anonymous communication scheme is designed on the traditional network architecture, network devices have limited control over the network, which leads to the inefficiency of anonymous communication. Software Defined Networks (SDN) is a novel network architecture that manages network through controller. It has the characteristics of high efficiency and flexibility. However, in recent years, researches about anonymous communication of SDN exist many challenges, such as limitation of scenarios and lack of anonymity. To address these challenges, this paper, inspired by pseudonym changing, proposes a pseudonym-based anonymous routing mechanism under multi-controller SDN architecture, in which pseudonym-changing is used for hiding the identity of the communicating parties. Besides, to avoid routing error caused by address conflicts, an effective hash checking method is proposed to avoid anonymous address conflicts. Based on that, we also present an anonymity enhanced scheme that employs phantom routing to hide the sender in the routing path and a multicast mechanism to prevent traffic analysis attacks. Anonymity analysis and experiment show that this scheme can provide strong anonymity protection for distributed SDN without much time cost, and has good practicability.