ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Low-resource routing attacks against tor
Full text PdfPdf (362 KB)
Source
Workshop On Privacy In The Electronic Society archive
Proceedings of the 2007 ACM workshop on Privacy in electronic society table of contents
Alexandria, Virginia, USA
SESSION: Anonymous ommunications table of contents
Pages: 11 - 20  
Year of Publication: 2007
ISBN:978-1-59593-883-1
Authors
Kevin Bauer  University of Colorado, Boulder, CO
Damon McCoy  University of Colorado, Boulder, CO
Dirk Grunwald  University of Colorado, Boulder, CO
Tadayoshi Kohno  University of Washington, Seattle, WA
Douglas Sicker  University of Colorado, Boulder, CO
Sponsors
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 14,   Downloads (12 Months): 96,   Citation Count: 3
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1314333.1314336
What is a DOI?

ABSTRACT

Tor has become one of the most popular overlay networks for anonymizing TCP traffic. Its popularity is due in part to its perceived strong anonymity properties and its relatively low latency service. Low latency is achieved through Tor’s ability to balance the traffic load by optimizing Tor router selection to probabilistically favor routers with highbandwidth capabilities.

We investigate how Tor’s routing optimizations impact its ability to provide strong anonymity. Through experiments conducted on PlanetLab, we show the extent to which routing performance optimizations have left the system vulnerable to end-to-end traffic analysis attacks from non-global adversaries with minimal resources. Further, we demonstrate that entry guards, added to mitigate path disruption attacks, are themselves vulnerable to attack. Finally, we explore solutions to improve Tor’s current routing algorithms and propose alternative routing strategies that prevent some of the routing attacks used in our experiments.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Bauer, K., and McCoy, D. Tor specification proposal 109: No more than one server per ip address. http://tor.eff.org/svn/trunk/doc/spec/proposals/109-no-sharing-ips.txt, March 2007.
 
2
Bauer, K., McCoy, D., Grunwald, D., Kohno, T., and Sicker, D. Low-resource routing attacks against anonymous systems. Computing Science Technical Report CU-CS-1025-07, University of Colorado, Feb. 2007.
3
Miguel Castro , Peter Druschel , Ayalvadi Ganesh , Antony Rowstron , Dan S. Wallach, Secure routing for structured peer-to-peer overlay networks, Proceedings of the 5th symposium on Operating systems design and implementation

Due to copyright restrictions we are not able to make the PDFs for this conference available for downloading

, December 09-11, 2002, Boston, Massachusetts  [doi>10.1145/1060289.1060317]
 
4
Ian Clarke , Oskar Sandberg , Brandon Wiley , Theodore W. Hong, Freenet: a distributed anonymous information storage and retrieval system, International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability, p.46-66, January 2001, Berkeley, California, United States
 
5
Dingledine, R. Personal communication., October 2006.
 
6
Dingledine, R., and Mathewson, N. Tor path specification. http://tor.eff.org/cvs/doc/path-spec.txt.
 
7
Roger Dingledine , Nick Mathewson , Paul Syverson, Tor: the second-generation onion router, Proceedings of the 13th conference on USENIX Security Symposium, p.21-21, August 09-13, 2004, San Diego, CA
 
8
Dingledine, R., Mathewson, N., and Syverson, P. Challenges in deploying low-latency anonymity. NRL CHACS Report 5540--625, 2005.
 
9
Dingledine, R., and Syverson, P. Reliable MIX Cascade Networks through Reputation. In Proceedings of Financial Cryptography (FC 2002).
 
10
John R. Douceur, The Sybil Attack, Revised Papers from the First International Workshop on Peer-to-Peer Systems, p.251-260, March 07-08, 2002
11
Nick Feamster , Roger Dingledine, Location diversity in anonymity networks, Proceedings of the 2004 ACM workshop on Privacy in the electronic society, October 28-28, 2004, Washington DC, USA  [doi>10.1145/1029179.1029199]
12
Michael J. Freedman , Robert Morris, Tarzan: a peer-to-peer anonymizing network layer, Proceedings of the 9th ACM conference on Computer and communications security, November 18-22, 2002, Washington, DC, USA  [doi>10.1145/586110.586137]
 
13
Goldberg, I. On the security of the tor authentication protocol. In Proceedings of the Sixth Workshop on Privacy Enhancing Technologies (PET 2006) (Cambridge, UK, June 2006), Springer.
 
14
David M. Goldschlag , Michael G. Reed , Paul F. Syverson, Hiding Routing Information, Proceedings of the First International Workshop on Information Hiding, p.137-150, May 30-June 01, 1996
 
15
Iperf - The TCP/UDP Bandwidth Measurement Tool. http://dast.nlanr.net/Projects/Iperf.
16
Steven J. Murdoch, Hot or not: revealing hidden services by their clock skew, Proceedings of the 13th ACM conference on Computer and communications security, October 30-November 03, 2006, Alexandria, Virginia, USA  [doi>10.1145/1180405.1180410]
 
17
Steven J. Murdoch , George Danezis, Low-Cost Traffic Analysis of Tor, Proceedings of the 2005 IEEE Symposium on Security and Privacy, p.183-195, May 08-11, 2005  [doi>10.1109/SP.2005.12]
 
18
Murdoch, S. J., and Zieliński, P. Sampled traffic analysis by internet-exchange-level adversaries. In Proceedings of Privacy Enhancing Technologies Workshop (PET 2007) (June 2007).
 
19
Lasse Overlier , Paul Syverson, Locating Hidden Servers, Proceedings of the 2006 IEEE Symposium on Security and Privacy, p.100-114, May 21-24, 2006  [doi>10.1109/SP.2006.24]
 
20
Perry, M. Securing the tor network. Defcon 2007. http://fscked.org/transient/SecuringTheTorNetwork.pdf.
 
21
Perry, M. Torflow. http://tor.eff.org/svn/torflow/README.
 
22
Peterson, L., Muir, S., Roscoe, T., and Klingaman, A. PlanetLab Architecture: An Overview. Tech. Rep. PDN¿06¿031, PlanetLab Consortium, May 2006.
23
Michael K. Reiter , Aviel D. Rubin, Crowds: anonymity for Web transactions, ACM Transactions on Information and System Security (TISSEC), v.1 n.1, p.66-92, Nov. 1998  [doi>10.1145/290163.290168]
24
Marc Rennhard , Bernhard Plattner, Introducing MorphMix: peer-to-peer based anonymous Internet usage with collusion detection, Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society, p.91-102, November 21-21, 2002, Washington, DC  [doi>10.1145/644527.644537]
 
25
Singh, A., Druschel, P., and Wallach, D. S. Eclipse attacks on overlay networks: Threats and defenses. In IEEE INFOCOM (2006).
 
26
Paul Syverson , Gene Tsudik , Michael Reed , Carl Landwehr, Towards an analysis of onion routing security, International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability, p.96-114, January 2001, Berkeley, California, United States
 
27
Transparent SOCKS Proxying Library. http://tsocks.sourceforge.net.
28
Xinyuan Wang , Shiping Chen , Sushil Jajodia, Tracking anonymous peer-to-peer VoIP calls on the internet, Proceedings of the 12th ACM conference on Computer and communications security, November 07-11, 2005, Alexandria, VA, USA  [doi>10.1145/1102120.1102133]

CITED BY  3
Nikita Borisov , George Danezis , Prateek Mittal , Parisa Tabriz, Denial of service or denial of security?, Proceedings of the 14th ACM conference on Computer and communications security, October 28-31, 2007, Alexandria, Virginia, USA
Prateek Mittal , Nikita Borisov, Information leaks in structured peer-to-peer anonymous communication systems, Proceedings of the 15th ACM conference on Computer and communications security, October 27-31, 2008, Alexandria, Virginia, USA
Zhengyi Le , Gauri Vakde , Matthew Wright, PEON: privacy-enhanced opportunistic networks with applications in assistive environments, Proceedings of the 2nd International Conference on PErvsive Technologies Related to Assistive Environments, p.1-8, June 09-13, 2009, Corfu, Greece

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.0 General
          Subjects: Security and protection (e.g., firewalls)

Additional Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.2 Network Protocols
      C.2.5 Local and Wide-Area Networks


General Terms:
Experimentation, Reliability, Security


Keywords:
anonymity, load balancing, tor, traffic analysis

Collaborative Colleagues:
Kevin Bauer: colleagues
Damon McCoy: colleagues
Dirk Grunwald: colleagues
Tadayoshi Kohno: colleagues
Douglas Sicker: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player