TorWard: Discovery, Blocking, and Traceback of Malicious Traffic Over Tor

@article{Ling2015TorWardDB,
  title={TorWard: Discovery, Blocking, and Traceback of Malicious Traffic Over Tor},
  author={Zhen Ling and Junzhou Luo and Kui Wu and Wei Yu and Xinwen Fu},
  journal={IEEE Transactions on Information Forensics and Security},
  year={2015},
  volume={10},
  pages={2515-2530}
}
Tor is a popular low-latency anonymous communication system. It is, however, currently abused in various ways. Tor exit routers are frequently troubled by administrative and legal complaints. To gain an insight into such abuse, we designed and implemented a novel system, TorWard, for the discovery and the systematic study of malicious traffic over Tor. The system can avoid legal and administrative complaints, and allows the investigation to be performed in a sensitive environment such as a…

Citations

Publications citing this paper.
SHOWING 1-10 OF 23 CITATIONS

Automated Big Traffic Analytics for Cyber Security

CITES METHODS & BACKGROUND
HIGHLY INFLUENCED

Poster: Mitigating OnionBots

CITES BACKGROUND
HIGHLY INFLUENCED

Black-box Adversarial Machine Learning Attack on Network Traffic Classification

CITES METHODS

Cybersecurity Metrics for Enhanced Protection of Healthcare IT Systems

CITES METHODS

A Survey of Blockchain: Techniques, Applications, and Challenges

CITES BACKGROUND

References

Publications referenced by this paper.
SHOWING 1-10 OF 23 REFERENCES

Protocol-level hidden server discovery


Traveling the silk road: a measurement analysis of a large anonymous online marketplace

HIGHLY INFLUENTIAL

Digging into Anonymous Traffic: A Deep Analysis of the Tor Anonymizing Network

HIGHLY INFLUENTIAL

Shining Light in Dark Places: Understanding the Tor Network

HIGHLY INFLUENTIAL

Locating hidden servers

HIGHLY INFLUENTIAL

TorWard: Discovery of malicious traffic over Tor


A traceback attack on Freenet


Cybercriminals Experiment With Tor-Based C&C, Ring-3-Rootkit Empowered

  • D. Danchev
  • SPDY Form Grabbing Malware Bot. [Online]. Available: http://blog.webroot.com/2013/07/02/
  • 2013

The Rise of TOR-Based Botnets

  • A. Matrosov
  • 2013

Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization
