Low-cost traffic analysis of Tor

@article{Murdoch2005LowcostTA,
  title={Low-cost traffic analysis of Tor},
  author={Steven J. Murdoch and George Danezis},
  journal={2005 IEEE Symposium on Security and Privacy (S\&P'05)},
  year={2005},
  pages={183-195}
}
  • S. Murdoch, G. Danezis
  • Published 8 May 2005
  • Computer Science
  • 2005 IEEE Symposium on Security and Privacy (S&P'05)
Tor is the second generation onion router supporting the anonymous transport of TCP streams over the Internet. Its low latency makes it very suitable for common tasks, such as Web browsing, but insecure against traffic-analysis attacks by a global passive adversary. We present new traffic-analysis techniques that allow adversaries with only a partial view of the network to infer which nodes are being used to relay the anonymous streams and therefore greatly reduce the anonymity provided by Tor… Expand
Analyzing the Effectiveness of Passive Correlation Attacks on the Tor Anonymity Network
TLDR
This thesis tested three correlation algorithms and found that while the two previously-existing algorithms tested both have problems that prevent them being used in certain cases, the design of the third algorithm works reliably on all types of data. Expand
Design Improvement for Tor against Low-Cost Traffic Attack and Low-Resource Routing Attack
  • Liu Xin, Wang Neng
  • Computer Science
  • 2009 WRI International Conference on Communications and Mobile Computing
  • 2009
TLDR
This paper investigates Tor design weaknesses and proposes tuning mechanisms to overcome the above-mentioned problems, and thinks with their tuning mechanisms, they can promote Tor network anonymity dramatically, and promoteTor network overall performance to the extent. Expand
Traffic Analysis against Low-Latency Anonymity Networks Using Available Bandwidth Estimation
TLDR
A novel remotely-mounted attack that can expose the network identity of an anonymous client, hidden service, and anonymizing proxies is introduced, using single-end controlled available bandwidth estimation tools and a colluding network entity that can modulate the traffic destined for the victim. Expand
Stealthy traffic analysis of low-latency anonymous communication using throughput fingerprinting
TLDR
This paper presents attacks that, with high confidence and based solely on throughput information, can reduce the attacker's uncertainty about the bottleneck relay of any Tor circuit whose throughput can be observed, and exactly identify the guard relay(s) of a Tor user when circuit throughput can been observed over multiple connections. Expand
PriFi: A Low-Latency Local-Area Anonymous Communication Network
TLDR
PriFi is presented, the first practical protocol for anonymous communication in local-area networks that is provably secure against traffic-analysis attacks, has a low communication latency, and is traffic agnostic, and can be used in practice with minimal latency overhead. Expand
Data-plane Defenses against Routing Attacks on Tor
TLDR
This paper quantify Tor’s susceptibility to traffic correlation attacks by measuring the fraction of the Tor network that is vulnerable and the advantage to the adversary of performing the attacks, and proposes defense mechanisms that protect Tor users from manipulations at the control-plane. Expand
Traffic Analysis Attacks in Anonymity Networks
TLDR
The proposed work presents an analysis of mixing strategies as a countermeasure to traffic analysis attacks in Tor, and results indicate the security gains and performance impairments of three main mixing strategies. Expand
A novel flow multiplication attack against Tor
TLDR
A novel and effective flow multiplication attack against Tor is proposed in this paper, which exploits the fundamental vulnerability of anonymous web browsing by using a man-in-the-middle attack on client's HTTP flow. Expand
AUGMENTING THE SECURITY IN TOR
Tor is an anonymous communication network. If more users are becoming interested in their privacy, the need for such anonymous services might increase. The second generation Onion Router designs TorExpand
On the Effectiveness of Traffic Analysis against Anonymity Networks Using Flow Records
TLDR
This paper presents an active traffic analysis technique based on perturbing the characteristics of user traffic at the server side, and observing a similar perturbation at the client side through statistical correlation, and demonstrates the feasibility and effectiveness of traffic analysis attacks against Tor using NetFlow data. Expand
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 58 REFERENCES
Practical Traffic Analysis: Extending and Resisting Statistical Disclosure
TLDR
This work describes how an eavesdropper can learn sender-receiver connections even when the substrate is a network of pool mixes, the attacker is non-global, and senders have complex behavior or generate padding messages. Expand
Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems
TLDR
In light of these observations, the trade-offs that one faces when trying to construct an efficient low latency communication system that protects users anonymity are discussed. Expand
Onion routing
TLDR
Onion Routing operates by dynamically building anonymous connections within a network of real-time Chaum Onion Routing, which provides anonymous connections that are strongly resistant to both eavesdropping and traffic analysis. Expand
Introducing MorphMix: peer-to-peer based anonymous Internet usage with collusion detection
TLDR
This paper introduces MorphMix, a system for peer-to-peer based anonymous Internet usage that overcomes or reduces several drawbacks of static mix networks, and argues that the approach offers good protection from traffic analysis attacks without employing cover traffic. Expand
Tor: The Second-Generation Onion Router
TLDR
This second-generation Onion Routing system addresses limitations in the original design by adding perfect forward secrecy, congestion control, directory servers, integrity checking, configurable exit policies, and a practical design for location-hidden services via rendezvous points. Expand
Probabilistic treatment of MIXes to hamper traffic analysis
TLDR
The goal is to provide analytical estimates of the number of observations required by the disclosure attack and to identify fundamental (but avoidable) 'weak operational modes' of the MIXes and thus to protect users against a traffic analysis by the disclosed attack. Expand
Anonymous connections and onion routing
TLDR
Anonymous connections and their implementation using onion routing are described and several application proxies for onion routing, as well as configurations of onion routing networks are described. Expand
Tarzan: a peer-to-peer anonymizing network layer
TLDR
Measurements show that Tarzan imposes minimal overhead over a corresponding non-anonymous overlay route, and Protocols toward unbiased peer-selection offer new directions for distributing trust among untrusted entities. Expand
On Flow Correlation Attacks and Countermeasures in Mix Networks
TLDR
It is found that a mix with any known batching strategy may fail against flow correlation attacks in the sense that for a given flow over an input link, the adversary can correctly determine which output link is used by the same flow. Expand
Detection of Interactive Stepping Stones: Algorithms and Confidence Bounds
TLDR
The results are the first to achieve provable (polynomial) upper bounds on the number of packets needed to confidently detect and identify encrypted stepping-stone streams with proven guarantees on the probability of falsely accusing non-attacking pairs. Expand
...
1
2
3
4
5
...