Low-resource routing attacks against Tor

Kevin Bauer, Damon McCoy, Dirk Grunwald, Tadayoshi Kohno, Douglas Sicker

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    Tor has become one of the most popular overlay networks for anonymizing TCP traffic. Its popularity is due in part to its perceived strong anonymity properties and its relatively low latency service. Low latency is achieved through Tor's ability to balance the traffic load by optimizing Tor router selection to probabilistically favor routers with highbandwidth capabilities. We investigate how Tor's routing optimizations impact its ability to provide strong anonymity. Through experiments conducted on PlanetLab, we show the extent to which routing performance optimizations have left the system vulnerable to end-to-end traffic analysis attacks from non-global adversaries with minimal resources. Further, we demonstrate that entry guards, added to mitigate path disruption attacks, are themselves vulnerable to attack. Finally, we explore solutions to improve Tor's current routing algorithms and propose alternative routing strategies that prevent some of the routing attacks used in our experiments.

    Original languageEnglish (US)
    Title of host publicationWPES'07 - Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society
    Pages11-20
    Number of pages10
    DOIs
    StatePublished - 2007
    Event6th ACM Workshop on Privacy in the Electronic Society, WPES'07, Held in Association with the 14th ACM Computer and Communications Security Conference - Alexandria, VA, United States
    Duration: Oct 29 2007Oct 29 2007

    Other

    Other6th ACM Workshop on Privacy in the Electronic Society, WPES'07, Held in Association with the 14th ACM Computer and Communications Security Conference
    CountryUnited States
    CityAlexandria, VA
    Period10/29/0710/29/07

    Fingerprint

    Routers
    anonymity
    traffic
    Overlay networks
    Routing algorithms
    resources
    Experiments
    experiment
    ability
    popularity
    performance

    Keywords

    • anonymity
    • load balancing
    • tor
    • traffic analysis

    ASJC Scopus subject areas

    • Computer Networks and Communications
    • Safety, Risk, Reliability and Quality
    • Social Sciences (miscellaneous)

    Cite this

    Bauer, K., McCoy, D., Grunwald, D., Kohno, T., & Sicker, D. (2007). Low-resource routing attacks against Tor. In WPES'07 - Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society (pp. 11-20) https://doi.org/10.1145/1314333.1314336

    Low-resource routing attacks against Tor. / Bauer, Kevin; McCoy, Damon; Grunwald, Dirk; Kohno, Tadayoshi; Sicker, Douglas.

    WPES'07 - Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society. 2007. p. 11-20.

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Bauer, K, McCoy, D, Grunwald, D, Kohno, T & Sicker, D 2007, Low-resource routing attacks against Tor. in WPES'07 - Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society. pp. 11-20, 6th ACM Workshop on Privacy in the Electronic Society, WPES'07, Held in Association with the 14th ACM Computer and Communications Security Conference, Alexandria, VA, United States, 10/29/07. https://doi.org/10.1145/1314333.1314336
    Bauer K, McCoy D, Grunwald D, Kohno T, Sicker D. Low-resource routing attacks against Tor. In WPES'07 - Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society. 2007. p. 11-20 https://doi.org/10.1145/1314333.1314336
    Bauer, Kevin ; McCoy, Damon ; Grunwald, Dirk ; Kohno, Tadayoshi ; Sicker, Douglas. / Low-resource routing attacks against Tor. WPES'07 - Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society. 2007. pp. 11-20
    @inproceedings{bd66903b1eba412cbab2270f119d246b,
    title = "Low-resource routing attacks against Tor",
    abstract = "Tor has become one of the most popular overlay networks for anonymizing TCP traffic. Its popularity is due in part to its perceived strong anonymity properties and its relatively low latency service. Low latency is achieved through Tor's ability to balance the traffic load by optimizing Tor router selection to probabilistically favor routers with highbandwidth capabilities. We investigate how Tor's routing optimizations impact its ability to provide strong anonymity. Through experiments conducted on PlanetLab, we show the extent to which routing performance optimizations have left the system vulnerable to end-to-end traffic analysis attacks from non-global adversaries with minimal resources. Further, we demonstrate that entry guards, added to mitigate path disruption attacks, are themselves vulnerable to attack. Finally, we explore solutions to improve Tor's current routing algorithms and propose alternative routing strategies that prevent some of the routing attacks used in our experiments.",
    keywords = "anonymity, load balancing, tor, traffic analysis",
    author = "Kevin Bauer and Damon McCoy and Dirk Grunwald and Tadayoshi Kohno and Douglas Sicker",
    year = "2007",
    doi = "10.1145/1314333.1314336",
    language = "English (US)",
    isbn = "9781595938831",
    pages = "11--20",
    booktitle = "WPES'07 - Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society",

    }

    TY - GEN

    T1 - Low-resource routing attacks against Tor

    AU - Bauer, Kevin

    AU - McCoy, Damon

    AU - Grunwald, Dirk

    AU - Kohno, Tadayoshi

    AU - Sicker, Douglas

    PY - 2007

    Y1 - 2007

    N2 - Tor has become one of the most popular overlay networks for anonymizing TCP traffic. Its popularity is due in part to its perceived strong anonymity properties and its relatively low latency service. Low latency is achieved through Tor's ability to balance the traffic load by optimizing Tor router selection to probabilistically favor routers with highbandwidth capabilities. We investigate how Tor's routing optimizations impact its ability to provide strong anonymity. Through experiments conducted on PlanetLab, we show the extent to which routing performance optimizations have left the system vulnerable to end-to-end traffic analysis attacks from non-global adversaries with minimal resources. Further, we demonstrate that entry guards, added to mitigate path disruption attacks, are themselves vulnerable to attack. Finally, we explore solutions to improve Tor's current routing algorithms and propose alternative routing strategies that prevent some of the routing attacks used in our experiments.

    AB - Tor has become one of the most popular overlay networks for anonymizing TCP traffic. Its popularity is due in part to its perceived strong anonymity properties and its relatively low latency service. Low latency is achieved through Tor's ability to balance the traffic load by optimizing Tor router selection to probabilistically favor routers with highbandwidth capabilities. We investigate how Tor's routing optimizations impact its ability to provide strong anonymity. Through experiments conducted on PlanetLab, we show the extent to which routing performance optimizations have left the system vulnerable to end-to-end traffic analysis attacks from non-global adversaries with minimal resources. Further, we demonstrate that entry guards, added to mitigate path disruption attacks, are themselves vulnerable to attack. Finally, we explore solutions to improve Tor's current routing algorithms and propose alternative routing strategies that prevent some of the routing attacks used in our experiments.

    KW - anonymity

    KW - load balancing

    KW - tor

    KW - traffic analysis

    UR - http://www.scopus.com/inward/record.url?scp=79959681025&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=79959681025&partnerID=8YFLogxK

    U2 - 10.1145/1314333.1314336

    DO - 10.1145/1314333.1314336

    M3 - Conference contribution

    SN - 9781595938831

    SP - 11

    EP - 20

    BT - WPES'07 - Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society

    ER -