论文信息 - Predicting Tor path compromise by exit port

Predicting Tor path compromise by exit port

Tor is currently the most popular low latency anonymizing overlay network for TCP-based applications. However, it is well understood that Tor's path selection algorithm is vulnerable to end-to-end traffic correlation attacks since it chooses Tor routers in proportion to their perceived bandwidth capabilities. Prior work has shown that the fraction of malicious routers and the amount of adversary-controlled bandwidth are significant factors for predicting the number of paths that an adversary can compromise. We extend this prior work by identifying that the application-layer protocol being transported is also a significant factor in predicting path compromise. Through a simulation study driven by data obtained from the real Tor network, we show that ports commonly associated with peer-to-peer file sharing protocols and the simple mail transport protocol (SMTP) are significantly more vulnerable to this attack than other ports.

Dirk Grunwald | Douglas C. Sicker | Kevin S. Bauer

[1] Matthew K. Wright,et al. Timing Attacks in Low-Latency Mix Systems (Extended Abstract) , 2004, Financial Cryptography.

[2] Peter Sewell,et al. Passive-attack analysis for connection-based anonymity systems , 2004, International Journal of Information Security.

[3] Dirk Grunwald,et al. Low-resource routing attacks against tor , 2007, WPES '07.

[4] George Danezis,et al. Denial of service or denial of security? , 2007, CCS '07.

[5] Paul F. Syverson,et al. Hiding Routing Information , 1996, Information Hiding.

[6] David Chaum,et al. Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[7] Dirk Grunwald,et al. Shining Light in Dark Places: Understanding the Tor Network , 2008, Privacy Enhancing Technologies.

[8] Nick Mathewson,et al. Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[9] Paul F. Syverson,et al. Locating hidden servers , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[10] Robert N. M. Watson,et al. Metrics for Security and Performance in Low-Latency Anonymity Systems , 2008, Privacy Enhancing Technologies.

[11] G. Danezis,et al. Denial of Service or Denial of Security? How Attacks on Reliability can Compromise Anonymity , 2007 .

[12] Nikita Borisov,et al. A Tune-up for Tor: Improving Security and Performance in the Tor Network , 2008, NDSS.