Get 20M+ Full-Text Papers For Less Than $1.50/day. Start a 14-Day Trial for You or Your Team.

Learn More →

Data-plane Defenses against Routing Attacks on Tor

Data-plane Defenses against Routing Attacks on Tor Abstract Tor is susceptible to traffic correlation attacks in which an adversary who observes flows entering and leaving the anonymity network can apply statistical techniques to correlate flows and de-anonymize their endpoints. While an adversary may not be naturally positioned to conduct such attacks, a recent study shows that the Internet’s control-plane can be manipulated to increase an adversary’s view of the network, and consequently, improve its ability to perform traffic correlation. This paper explores, in-depth, the effects of control-plane attacks on the security of the Tor network. Using accurate models of the live Tor network, we quantify Tor’s susceptibility to these attacks by measuring the fraction of the Tor network that is vulnerable and the advantage to the adversary of performing the attacks. We further propose defense mechanisms that protect Tor users from manipulations at the control-plane. Perhaps surprisingly, we show that by leveraging existing trust anchors in Tor, defenses deployed only in the data-plane are sufficient to detect most control-plane attacks. Our defenses do not assume the active participation of Internet Service Providers, and require only very small changes to Tor. We show that our defenses result in a more than tenfold decrease in the effectiveness of certain control-plane attacks. http://www.deepdyve.com/assets/images/DeepDyve-Logo-lg.png Proceedings on Privacy Enhancing Technologies de Gruyter

Data-plane Defenses against Routing Attacks on Tor

Download PDF
18 pages

Loading next page...
 
/lp/de-gruyter/data-plane-defenses-against-routing-attacks-on-tor-kp1TS1WglT
Publisher
de Gruyter
Copyright
Copyright © 2016 by the
ISSN
2299-0984
eISSN
2299-0984
DOI
10.1515/popets-2016-0040
Publisher site
See Article on Publisher Site

Abstract

Abstract Tor is susceptible to traffic correlation attacks in which an adversary who observes flows entering and leaving the anonymity network can apply statistical techniques to correlate flows and de-anonymize their endpoints. While an adversary may not be naturally positioned to conduct such attacks, a recent study shows that the Internet’s control-plane can be manipulated to increase an adversary’s view of the network, and consequently, improve its ability to perform traffic correlation. This paper explores, in-depth, the effects of control-plane attacks on the security of the Tor network. Using accurate models of the live Tor network, we quantify Tor’s susceptibility to these attacks by measuring the fraction of the Tor network that is vulnerable and the advantage to the adversary of performing the attacks. We further propose defense mechanisms that protect Tor users from manipulations at the control-plane. Perhaps surprisingly, we show that by leveraging existing trust anchors in Tor, defenses deployed only in the data-plane are sufficient to detect most control-plane attacks. Our defenses do not assume the active participation of Internet Service Providers, and require only very small changes to Tor. We show that our defenses result in a more than tenfold decrease in the effectiveness of certain control-plane attacks.

Journal

Proceedings on Privacy Enhancing Technologiesde Gruyter

Published: Oct 1, 2016

References

  • Privacy - preserving Ways to Estimate the Number of Tor Users Technical Report Tor Project November
    Hahn
  • Electronic Mail Return Addresses and Digital Pseudonyms of the
    Chaum
  • Users Get Routed Correlation on Tor By Realistic Adversaries In ACM Conference on Computer and Communications November
    Johnson
  • Secure Border Gateway Protocol on in
    Kent
  • AS - Awareness in Tor Path Selection In ACM Conference on Computer and Communications
    Edman
  • Secure Traceroute to Detect Faulty or Malicious Routing
    Padmanabhan
  • Snakes on a Tor Exit Scanner https gitweb torproject org torflow git tree HEAD NetworkScanners ExitAuthority
  • Hares Gateway Protocol RFC Internet Task Force
    Rekhter
  • Camouflage Proxy for the Tor Anonymity System In ACM Conference on Computer and Communications
    Weinberg
  • Skype Morph Protocol Obfuscation for Tor In ACM Conference on Communications
    Moghaddam
  • An Empirical Evaluation of Relay Selection in Tor In Network and Distributed System
    Wacek
  • SWIRL Watermark to Detect Correlated Network Flows In Network and Distributed System
    Houmansadr
  • Location Diversity in Anonymity In ACM Workshop on Privacy in the Electronic
    Feamster
  • One Fast for Life or Months In PETS
    Dingledine
  • Electronic Mail Return Addresses and Digital Pseudonyms of the
    Chaum
  • Light - weight Distributed Scheme for Detecting IP Prefix Hijacks in Real - time In Conference on Applications Technologies Architectures and Protocols for Computer
    Zheng
  • AS - Awareness in Tor Path Selection In ACM Conference on Computer and Communications
    Edman
  • Low Cost of Tor In on Privacy Oakland
    Murdoch
  • Project http www routeviews org
    RouteViews
  • Practical Defenses Against BGP Prefix Hijacking In ACM International Conference on Emerging Networking EXperiments and Technologies
    Zhang
  • Shadow Running Tor in a Box for Accurate and Efficient Experimentation In Network and Distributed System
    Jansen
  • Tor The Second Generation Onion Router In
    Dingledine
  • Protecting Anonymity in the Presence of Autonomous System and Internet Exchange Level Adversaries thesis University of Illinois at Urbana
    Juen
  • Oorschot Pretty Secure psBGP In Network and Distributed System
    Wan
  • Anti RAPTOR Anti Routing Attack on Privacy for a Securer and Tor In IEEE International Conference on Advanced Communication Technology
    Phong
  • On Inferring Autonomous System Relationships in the Internet on ToN
    Gao
  • RAPTOR Routing Attacks on Privacy in Tor In Aug
    Sun
  • Tor Flow https gitweb torproject org torflow git
  • Secure Border Gateway Protocol on in
    Kent
  • Prefix to AS mappings Dataset for http www caida org data routing routeviews prefix as xml
    Routeviews
  • Prefix to AS mappings Dataset for http www caida org data routing routeviews prefix as xml
    Routeviews
  • Feigenbaum Learning - based Anomaly Detection in BGP Updates In ACM SIGCOMM Workshop on Mining Metwork Data
    Zhang
  • Trust - based Anonymous Adversary Models and Routing In ACM Conference on and Communications
    Johnson
  • Attack against Signature Generation In International on Recent in Detection
    Chung
  • Tor Flow https gitweb torproject org torflow git
  • RIPE https atlas ripe net
    Atlas
  • Stealth Probing Efficient Data - Plane Security for IP Routing In USENIX Technical Conference
    Avramopoulos
  • RAPTOR Routing Attacks on Privacy in Tor In Aug
    Sun
  • Privacy - preserving Ways to Estimate the Number of Tor Users Technical Report Tor Project November
    Hahn
  • On Inferring Autonomous System Relationships in the Internet on ToN
    Gao
  • An Empirical Evaluation of Relay Selection in Tor In Network and Distributed System
    Wacek
  • Users Get Routed Correlation on Tor By Realistic Adversaries In ACM Conference on Computer and Communications November
    Johnson
  • Limits of Anonymity in Open Environments In Workshop
    Kedogan
  • Project http www routeviews org
    RouteViews
  • Tor The Second Generation Onion Router In
    Dingledine
  • Location Diversity in Anonymity In ACM Workshop on Privacy in the Electronic
    Feamster
  • Camouflage Proxy for the Tor Anonymity System In ACM Conference on Computer and Communications
    Weinberg
  • Light - weight Distributed Scheme for Detecting IP Prefix Hijacks in Real - time In Conference on Applications Technologies Architectures and Protocols for Computer
    Zheng
  • The AS Relationships http www caida org data as relationships
    CAIDA
  • Attack against Signature Generation In International on Recent in Detection
    Chung
  • https dev maxmind com geoip geoip geolite
    MaxMind
  • Shadow Running Tor in a Box for Accurate and Efficient Experimentation In Network and Distributed System
    Jansen
  • One Fast for Life or Months In PETS
    Dingledine
  • Distributed Reputation Approach to Cooperative Internet Routing Protection In Workshop on Secure Network Protocols
    Yu
  • The Parrot is Dead Observing Unobservable Network Communications In on Privacy Oakland
    Houmansadr
  • Limits of Anonymity in Open Environments In Workshop
    Kedogan
  • Hares Gateway Protocol RFC Internet Task Force
    Rekhter
  • https dev maxmind com geoip geoip geolite
    MaxMind
  • Secure Traceroute to Detect Faulty or Malicious Routing
    Padmanabhan
  • Global Internet Host Distance Estimation Service on
    Francis
  • Practical Defenses Against BGP Prefix Hijacking In ACM International Conference on Emerging Networking EXperiments and Technologies
    Zhang
  • RIPE https atlas ripe net
    Atlas
  • Protecting Anonymity in the Presence of Autonomous System and Internet Exchange Level Adversaries thesis University of Illinois at Urbana
    Juen
  • Snakes on a Tor Exit Scanner https gitweb torproject org torflow git tree HEAD NetworkScanners ExitAuthority
  • Tor Project Tor Portal https metrics torproject org
    Metrics
  • Distributed Reputation Approach to Cooperative Internet Routing Protection In Workshop on Secure Network Protocols
    Yu
  • Trust - based Anonymous Adversary Models and Routing In ACM Conference on and Communications
    Johnson
  • Tor Project Tor Portal https metrics torproject org
    Metrics
  • SWIRL Watermark to Detect Correlated Network Flows In Network and Distributed System
    Houmansadr
  • Anti RAPTOR Anti Routing Attack on Privacy for a Securer and Tor In IEEE International Conference on Advanced Communication Technology
    Phong
  • Low Cost of Tor In on Privacy Oakland
    Murdoch
  • Global Internet Host Distance Estimation Service on
    Francis
  • The Parrot is Dead Observing Unobservable Network Communications In on Privacy Oakland
    Houmansadr
  • Stealth Probing Efficient Data - Plane Security for IP Routing In USENIX Technical Conference
    Avramopoulos
  • Skype Morph Protocol Obfuscation for Tor In ACM Conference on Communications
    Moghaddam
  • The AS Relationships http www caida org data as relationships
    CAIDA
  • meek https trac torproject org projects tor wiki doc meek
    Fifield
  • Feigenbaum Learning - based Anomaly Detection in BGP Updates In ACM SIGCOMM Workshop on Mining Metwork Data
    Zhang
  • meek https trac torproject org projects tor wiki doc meek
    Fifield
  • Oorschot Pretty Secure psBGP In Network and Distributed System
    Wan