Low-resource routing attacks against Tor

Kevin Bauer; Damon McCoy; Dirk Grunwald; Tadayoshi Kohno; Douglas Sicker

doi:10.1145/1314333.1314336

Low-resource routing attacks against Tor

Kevin Bauer, Damon McCoy, Dirk Grunwald, Tadayoshi Kohno, Douglas Sicker

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Tor has become one of the most popular overlay networks for anonymizing TCP traffic. Its popularity is due in part to its perceived strong anonymity properties and its relatively low latency service. Low latency is achieved through Tor's ability to balance the traffic load by optimizing Tor router selection to probabilistically favor routers with highbandwidth capabilities. We investigate how Tor's routing optimizations impact its ability to provide strong anonymity. Through experiments conducted on PlanetLab, we show the extent to which routing performance optimizations have left the system vulnerable to end-to-end traffic analysis attacks from non-global adversaries with minimal resources. Further, we demonstrate that entry guards, added to mitigate path disruption attacks, are themselves vulnerable to attack. Finally, we explore solutions to improve Tor's current routing algorithms and propose alternative routing strategies that prevent some of the routing attacks used in our experiments.

Original language	English (US)
Title of host publication	WPES'07 - Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society
Pages	11-20
Number of pages	10
DOIs	https://doi.org/10.1145/1314333.1314336
State	Published - 2007
Event	6th ACM Workshop on Privacy in the Electronic Society, WPES'07, Held in Association with the 14th ACM Computer and Communications Security Conference - Alexandria, VA, United States Duration: Oct 29 2007 → Oct 29 2007

Other

Other	6th ACM Workshop on Privacy in the Electronic Society, WPES'07, Held in Association with the 14th ACM Computer and Communications Security Conference
Country	United States
City	Alexandria, VA
Period	10/29/07 → 10/29/07

Fingerprint

Routers

anonymity

traffic

Overlay networks

Routing algorithms

resources

Experiments

experiment

ability

popularity

performance

Keywords

anonymity
load balancing
tor
traffic analysis

ASJC Scopus subject areas

Computer Networks and Communications
Safety, Risk, Reliability and Quality
Social Sciences (miscellaneous)

Cite this

Bauer, K., McCoy, D., Grunwald, D., Kohno, T., & Sicker, D. (2007). Low-resource routing attacks against Tor. In WPES'07 - Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society (pp. 11-20) https://doi.org/10.1145/1314333.1314336

Low-resource routing attacks against Tor. / Bauer, Kevin; McCoy, Damon; Grunwald, Dirk; Kohno, Tadayoshi; Sicker, Douglas.

WPES'07 - Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society. 2007. p. 11-20.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Bauer, K, McCoy, D, Grunwald, D, Kohno, T & Sicker, D 2007, Low-resource routing attacks against Tor. in WPES'07 - Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society. pp. 11-20, 6th ACM Workshop on Privacy in the Electronic Society, WPES'07, Held in Association with the 14th ACM Computer and Communications Security Conference, Alexandria, VA, United States, 10/29/07. https://doi.org/10.1145/1314333.1314336

Bauer K, McCoy D, Grunwald D, Kohno T, Sicker D. Low-resource routing attacks against Tor. In WPES'07 - Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society. 2007. p. 11-20 https://doi.org/10.1145/1314333.1314336

Bauer, Kevin ; McCoy, Damon ; Grunwald, Dirk ; Kohno, Tadayoshi ; Sicker, Douglas. / Low-resource routing attacks against Tor. WPES'07 - Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society. 2007. pp. 11-20

@inproceedings{bd66903b1eba412cbab2270f119d246b,

title = "Low-resource routing attacks against Tor",

abstract = "Tor has become one of the most popular overlay networks for anonymizing TCP traffic. Its popularity is due in part to its perceived strong anonymity properties and its relatively low latency service. Low latency is achieved through Tor's ability to balance the traffic load by optimizing Tor router selection to probabilistically favor routers with highbandwidth capabilities. We investigate how Tor's routing optimizations impact its ability to provide strong anonymity. Through experiments conducted on PlanetLab, we show the extent to which routing performance optimizations have left the system vulnerable to end-to-end traffic analysis attacks from non-global adversaries with minimal resources. Further, we demonstrate that entry guards, added to mitigate path disruption attacks, are themselves vulnerable to attack. Finally, we explore solutions to improve Tor's current routing algorithms and propose alternative routing strategies that prevent some of the routing attacks used in our experiments.",

keywords = "anonymity, load balancing, tor, traffic analysis",

author = "Kevin Bauer and Damon McCoy and Dirk Grunwald and Tadayoshi Kohno and Douglas Sicker",

year = "2007",

doi = "10.1145/1314333.1314336",

language = "English (US)",

isbn = "9781595938831",

pages = "11--20",

booktitle = "WPES'07 - Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society",

}

TY - GEN

T1 - Low-resource routing attacks against Tor

AU - Bauer, Kevin

AU - McCoy, Damon

AU - Grunwald, Dirk

AU - Kohno, Tadayoshi

AU - Sicker, Douglas

PY - 2007

Y1 - 2007

N2 - Tor has become one of the most popular overlay networks for anonymizing TCP traffic. Its popularity is due in part to its perceived strong anonymity properties and its relatively low latency service. Low latency is achieved through Tor's ability to balance the traffic load by optimizing Tor router selection to probabilistically favor routers with highbandwidth capabilities. We investigate how Tor's routing optimizations impact its ability to provide strong anonymity. Through experiments conducted on PlanetLab, we show the extent to which routing performance optimizations have left the system vulnerable to end-to-end traffic analysis attacks from non-global adversaries with minimal resources. Further, we demonstrate that entry guards, added to mitigate path disruption attacks, are themselves vulnerable to attack. Finally, we explore solutions to improve Tor's current routing algorithms and propose alternative routing strategies that prevent some of the routing attacks used in our experiments.

AB - Tor has become one of the most popular overlay networks for anonymizing TCP traffic. Its popularity is due in part to its perceived strong anonymity properties and its relatively low latency service. Low latency is achieved through Tor's ability to balance the traffic load by optimizing Tor router selection to probabilistically favor routers with highbandwidth capabilities. We investigate how Tor's routing optimizations impact its ability to provide strong anonymity. Through experiments conducted on PlanetLab, we show the extent to which routing performance optimizations have left the system vulnerable to end-to-end traffic analysis attacks from non-global adversaries with minimal resources. Further, we demonstrate that entry guards, added to mitigate path disruption attacks, are themselves vulnerable to attack. Finally, we explore solutions to improve Tor's current routing algorithms and propose alternative routing strategies that prevent some of the routing attacks used in our experiments.

KW - anonymity

KW - load balancing

KW - tor

KW - traffic analysis

UR - http://www.scopus.com/inward/record.url?scp=79959681025&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=79959681025&partnerID=8YFLogxK

U2 - 10.1145/1314333.1314336

DO - 10.1145/1314333.1314336

M3 - Conference contribution

SN - 9781595938831

SP - 11

EP - 20

BT - WPES'07 - Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society

ER -

Access to Document

10.1145/1314333.1314336