Access the full text.
Sign up today, get DeepDyve free for 14 days.
Loading next page...
/lp/de-gruyter/data-plane-defenses-against-routing-attacks-on-tor-kp1TS1WglT
References (71)
-
Juen (2012)
Protecting Anonymity in the Presence of Autonomous System and Internet Exchange Level Adversaries thesis University of Illinois at Urbana, 21
-
T. Elahi, Kevin Bauer, Mashael Alsabah, Roger Dingledine, I. Goldberg (2012)
Changing of the guards: a framework for understanding and improving entry guard selection in tor -
Ioannis Avramopoulos, J. Rexford (2006)
Stealth Probing: Efficient Data-Plane Security for IP Routing -
Aaron Johnson, Chris Wacek, Rob Jansen, M. Sherr, P. Syverson (2013)
Users get routed: traffic correlation on tor by realistic adversariesProceedings of the 2013 ACM SIGSAC conference on Computer & communications security
-
Houmansadr (2013)
The Parrot is Dead Observing Unobservable Network Communications In on Privacy OaklandIEEE Symposium Security, 17
-
S. Hahn, Karsten Loesing (2012)
Privacy-preserving Ways to Estimate the Number of Tor Users -
Jian Zhang, J. Rexford, J. Feigenbaum (2005)
Learning-based anomaly detection in BGP updates -
Wan (2005)
Oorschot Pretty Secure psBGP In Network and Distributed SystemSecurity Symposium
-
Harlan Yu, J. Rexford, E. Felten (2005)
A distributed reputation approach to cooperative Internet routing protection1st IEEE ICNP Workshop on Secure Network Protocols, 2005. (NPSec).
-
Hahn (2010)
Privacy - preserving Ways to Estimate the Number of Tor Users Technical Report Tor Project November, 15
-
Nguyen Hoang, Yasuhito Asano, Masatoshi Yoshikawa (2015)
Anti-RAPTOR: Anti routing attack on privacy for a securer and scalable Tor2015 17th International Conference on Advanced Communication Technology (ICACT)
-
Chris Wacek, Henry Tan, Kevin Bauer, M. Sherr (2013)
An Empirical Evaluation of Relay Selection in Tor -
D. Kesdogan, D. Agrawal, S. Penz (2002)
Limits of Anonymity in Open Environments -
Johnson (2011)
Trust - based Anonymous Adversary Models and Routing In ACM Conference on and CommunicationsCommunication Algorithms Computer Security, 20
-
Moghaddam (2012)
Skype Morph Protocol Obfuscation for Tor In ACM Conference on CommunicationsComputer Security, 26
-
Murdoch (2005)
Low Cost of Tor In on Privacy OaklandTraffic Analysis IEEE Symposium Security, 27
-
Edman (2009)
AS - Awareness in Tor Path Selection In ACM Conference on Computer and CommunicationsSecurity
-
Zhang (2007)
Practical Defenses Against BGP Prefix Hijacking In ACM International Conference on Emerging Networking EXperiments and Technologies -
Houmansadr (2011)
SWIRL Watermark to Detect Correlated Network Flows In Network and Distributed SystemSecurity Symposium, 16
-
Chung (2006)
Attack against Signature Generation In International on Recent in DetectionAllergy Automatic Symposium Advances Intrusion RAID
-
S. Chung, A. Mok (2006)
Allergy Attack Against Automatic Signature Generation -
Johnson (2013)
Users Get Routed Correlation on Tor By Realistic Adversaries In ACM Conference on Computer and Communications NovemberTraffic Security, 19
-
Y. Rekhter, Tony Li (1994)
A Border Gateway Protocol 4 (BGP-4)RFC, 4271
-
Weinberg (2012)
Camouflage Proxy for the Tor Anonymity System In ACM Conference on Computer and CommunicationsSecurity
-
A. Houmansadr, Chad Brubaker, Vitaly Shmatikov (2013)
The Parrot Is Dead: Observing Unobservable Network Communications2013 IEEE Symposium on Security and Privacy
-
D. Chaum (1981)
Untraceable electronic mail, return addresses, and digital pseudonyms -
Kedogan (2002)
Limits of Anonymity in Open Environments In WorkshopInformation Hiding, 22
-
Measurement, Security -
S. Murdoch, G. Danezis (2005)
Low-cost traffic analysis of Tor2005 IEEE Symposium on Security and Privacy (S&P'05)
-
Kevin Dyer, Scott Coull, T. Ristenpart, Thomas Shrimpton (2013)
Protocol misidentification made easy with format-transforming encryptionProceedings of the 2013 ACM SIGSAC conference on Computer & communications security
-
Avramopoulos (2006)
Stealth Probing Efficient Data - Plane Security for IP Routing In USENIX Technical ConferenceAnnual
-
Metrics
Tor Project Tor Portal https metrics torproject org -
V. Padmanabhan, Daniel Simon (2003)
Secure traceroute to detect faulty or malicious routingComput. Commun. Rev., 33
-
Tao Wan, E. Kranakis, P. Oorschot (2005)
Pretty Secure BGP, psBGP -
Snakes on a Tor Exit Scanner https gitweb torproject org torflow git tree HEAD NetworkScanners ExitAuthority
-
M. Lepinski, K. Sriram (2017)
BGPsec Protocol SpecificationRFC, 8205
-
Matthew Edman, P. Syverson (2009)
As-awareness in Tor path selection -
Zheng Zhang, Ying Zhang, Y. Hu, Z. Mao (2007)
Practical defenses against BGP prefix hijacking -
Routeviews
Prefix to AS mappings Dataset for http www caida org data routing routeviews prefix as xml -
H. Moghaddam, Baiyu Li, M. Derakhshani, I. Goldberg (2012)
SkypeMorph: protocol obfuscation for Tor bridgesProceedings of the 2012 ACM conference on Computer and communications security
-
(2000)
USENIX Association Proceedings of the -
Roger Dingledine, Nicholas Hopper, George Kadianakis, Nick Mathewson (2014)
One Fast Guard for Life ( or 9 months ) -
Feamster (2004)
Location Diversity in Anonymity In ACM Workshop on Privacy in the ElectronicNetworks Society, 11
-
Yixin Sun, A. Edmundson, L. Vanbever, Oscar Li, J. Rexford, M. Chiang, Prateek Mittal (2015)
RAPTOR: Routing Attacks on Privacy in Tor -
Lixin Gao (2000)
On inferring autonomous system relationships in the InternetGlobecom '00 - IEEE. Global Telecommunications Conference. Conference Record (Cat. No.00CH37137), 1
-
Zachary Weinberg, Jeffrey Wang, V. Yegneswaran, L. Briesemeister, Steven Cheung, Frank Wang, D. Boneh (2012)
StegoTorus: a camouflage proxy for the Tor anonymity systemProceedings of the 2012 ACM conference on Computer and communications security
-
Zheng (2007)
Light - weight Distributed Scheme for Detecting IP Prefix Hijacks in Real - time In Conference on Applications Technologies Architectures and Protocols for ComputerCommunications
-
MaxMind
https dev maxmind com geoip geoip geoliteDatabase, 25
-
Rekhter (2006)
Hares Gateway Protocol RFC Internet Task ForceEngineering, 30
-
Dingledine (2004)
Tor The Second Generation Onion Router InSecurity Symposium
-
Tor Flow https gitweb torproject org torflow git
-
Joshua Juen (2012)
Protecting anonymity in the presence of autonomous system and internet exchange level adversaries -
N. Feamster, Roger Dingledine (2004)
Location diversity in anonymity networks -
Fifield
meek https trac torproject org projects tor wiki doc meek, 12
-
S. Kent, C. Lynn, K. Seo (2000)
Secure Border Gateway Protocol (S-BGP)IEEE Journal on Selected Areas in Communications, 18
-
RouteViews
Project http www routeviews org -
Zhang (2005)
Feigenbaum Learning - based Anomaly Detection in BGP Updates In ACM SIGCOMM Workshop on Mining Metwork Data -
Aaron Johnson, P. Syverson, Roger Dingledine, Nick Mathewson (2011)
Trust-based anonymous communication: adversary models and routing algorithms -
Atlas
RIPE https atlas ripe net, 31
-
Phong
Anti RAPTOR Anti Routing Attack on Privacy for a Securer and Tor In IEEE International Conference on Advanced Communication Technology, 29
-
Russ White (2006)
Architecture and Deployment Considerations for Secure Origin BGP (soBGP) -
Yu (2005)
Distributed Reputation Approach to Cooperative Internet Routing Protection In Workshop on Secure Network Protocols -
Sun
RAPTOR Routing Attacks on Privacy in Tor In AugSecurity Symposium
-
Rob Jansen, Nicholas Hopper (2011)
Shadow: Running Tor in a Box for Accurate and Efficient Experimentation -
Gao (2001)
On Inferring Autonomous System Relationships in the Internet on ToNIEEE ACM Transactions Networking, 14
-
Jansen (2012)
Shadow Running Tor in a Box for Accurate and Efficient Experimentation In Network and Distributed SystemSecurity Symposium, 18
-
Wacek (2013)
An Empirical Evaluation of Relay Selection in Tor In Network and Distributed SystemSecurity Symposium
-
CAIDA (2014)
The AS Relationships http www caida org data as relationships, 06
-
P. Francis, S. Jamin, Cheng Jin, Yixin Jin, D. Raz, Y. Shavitt, Lixia Zhang (2001)
IDMaps: a global internet host distance estimation serviceIEEE/ACM Trans. Netw., 9
-
A. Houmansadr, N. Borisov (2011)
SWIRL: A Scalable Watermark to Detect Correlated Network Flows -
Dingledine (2014)
One Fast for Life or Months In PETSPrivacy Enhancing Technologies Symposium
- Publisher
- de Gruyter
- Copyright
- Copyright © 2016 by the
- ISSN
- 2299-0984
- eISSN
- 2299-0984
- DOI
- 10.1515/popets-2016-0040
- Publisher site
- See Article on Publisher Site
Abstract
Abstract Tor is susceptible to traffic correlation attacks in which an adversary who observes flows entering and leaving the anonymity network can apply statistical techniques to correlate flows and de-anonymize their endpoints. While an adversary may not be naturally positioned to conduct such attacks, a recent study shows that the Internet’s control-plane can be manipulated to increase an adversary’s view of the network, and consequently, improve its ability to perform traffic correlation. This paper explores, in-depth, the effects of control-plane attacks on the security of the Tor network. Using accurate models of the live Tor network, we quantify Tor’s susceptibility to these attacks by measuring the fraction of the Tor network that is vulnerable and the advantage to the adversary of performing the attacks. We further propose defense mechanisms that protect Tor users from manipulations at the control-plane. Perhaps surprisingly, we show that by leveraging existing trust anchors in Tor, defenses deployed only in the data-plane are sufficient to detect most control-plane attacks. Our defenses do not assume the active participation of Internet Service Providers, and require only very small changes to Tor. We show that our defenses result in a more than tenfold decrease in the effectiveness of certain control-plane attacks.
Journal
Proceedings on Privacy Enhancing Technologies – de Gruyter
Published: Oct 1, 2016