Spoiled Onions: Exposing Malicious Tor Exit Relays

  title={Spoiled Onions: Exposing Malicious Tor Exit Relays},
  author={Philipp Winter and Stefan Lindskog},
  booktitle={Privacy Enhancing Technologies},
Several hundred Tor exit relays together push more than 1 GiB/s of network traffic. However, it is easy for exit relays to snoop and tamper with anonymised network traffic and as all relays are run by independent volunteers, not all of them are innocuous. In this paper, we seek to expose malicious exit relays and document their actions. First, we monitored the Tor network after developing a fast and modular exit relay scanner. We implemented several scanning modules for detecting common attacks… CONTINUE READING
Highly Cited
This paper has 49 citations. REVIEW CITATIONS
Related Discussions
This paper has been referenced on Twitter 17 times. VIEW TWEETS


Publications citing this paper.
Showing 1-10 of 34 extracted citations

Shedding Light on the Dark Corners of the Internet: A Survey of Tor Research

J. Network and Computer Applications • 2018
View 5 Excerpts
Highly Influenced

Content-Centric and Named-Data Networking Security: The Good, The Bad and The Rest

2018 IEEE International Symposium on Local and Metropolitan Area Networks (LANMAN) • 2018
View 1 Excerpt

Fingerprinting encrypted network traffic types using machine learning

NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium • 2018


Publications referenced by this paper.
Showing 1-10 of 15 references

The Design and Implementation of the Tor Browser [DRAFT

Mike Perry, Erinn Clark, Steven Murdoch
View 12 Excerpts
Highly Influenced

The top 500 sites on the web

J Daniel

Public key pinning

Adam Langley
URL: https://www.imperialviolet.org/2011/05/04/ pinning.html • 2011
View 1 Excerpt

Tor HTTP Usage and Information Leakage

Communications and Multimedia Security • 2010
View 2 Excerpts

Security expert used Tor to collect government e-mail passwords

Ryan Paul
URL: http: //arstechnica.com/security/2007/09/securityexpert-used-tor-to-collect-government-e-mailpasswords/ • 2007
View 1 Excerpt

Similar Papers

Loading similar papers…