Traffic Analysis Attacks on Tor: A Survey

The Tor anonymity network is one of the most popular and widely used tools to protect the privacy of online users. Tor provides defenses against multiple adversarial activities aiming to identify or trace the users. Traffic analysis is a very strong tool that can be used for internet surveillance. Traffic analysis attacks against Tor's anonymity network has been known as an open question in research. Moreover, the low-latency feature Tor tries to provide to its users imposes limitations in defending against traffic analysis attacks. In our study, we examine traffic analysis attacks from the perspective of the adopted adversary model and how much it fits within Tor's threat model. The purpose of this study is to evaluate how practical these attacks are on real-time Tor network.

[1]  Yuval Elovici,et al.  Network Flow Watermarking: A Survey , 2017, IEEE Communications Surveys & Tutorials.

[2]  Katharina Kohls,et al.  DigesTor: Comparing Passive Traffic Analysis Attacks on Tor , 2018, ESORICS.

[3]  Konrad Rieck,et al.  Torben: A Practical Side-Channel Attack for Deanonymizing Tor Communication , 2015, AsiaCCS.

[4]  Yuval Elovici,et al.  The DUSTER Attack: Tor Onion Service Attribution Based on Flow Watermarking with Track Hiding , 2019, RAID.

[5]  Björn Scheuermann,et al.  The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network , 2014, NDSS.

[6]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router (2014 DRAFT v1) , 2012 .

[7]  Gene Tsudik,et al.  Towards an Analysis of Onion Routing Security , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[8]  Marc Dacier,et al.  Circuit Fingerprinting Attacks: Passive Deanonymization of Tor Hidden Services , 2015, USENIX Security Symposium.

[9]  Arya Mazumdar,et al.  Compressive Traffic Analysis: A New Paradigm for Scalable Traffic Analysis , 2017, CCS.

[10]  Micah Sherr,et al.  Users get routed: traffic correlation on tor by realistic adversaries , 2013, CCS.

[11]  Anton Stiglic,et al.  Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems , 2001, Information Hiding.

[12]  Manmeet Mahinderjit Singh,et al.  A Survey on Tor Encrypted Traffic Monitoring , 2018 .

[13]  Gang Xiong,et al.  A de-anonymize attack method based on traffic analysis , 2013, 2013 8th International Conference on Communications and Networking in China (CHINACOM).

[14]  Yuval Elovici,et al.  Inflow: Inverse Network Flow Watermarking for Detecting Hidden Servers , 2018, IEEE INFOCOM 2018 - IEEE Conference on Computer Communications.

[15]  Alex Biryukov,et al.  Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization , 2013, 2013 IEEE Symposium on Security and Privacy.

[16]  Neetesh Saxena,et al.  Systematic Analysis: Resistance to Traffic Analysis Attacks in Tor System for Critical Infrastructures , 2018, 2018 IEEE International Conference on Systems, Man, and Cybernetics (SMC).

[17]  Brijesh Joshi,et al.  Touching from a distance: website fingerprinting attacks and defenses , 2012, CCS.

[18]  Prateek Mittal,et al.  RAPTOR: Routing Attacks on Privacy in Tor , 2015, USENIX Security Symposium.

[19]  Sami Zhioua,et al.  Finding a Needle in a Haystack: The Traffic Analysis Version , 2019, Proc. Priv. Enhancing Technol..

[20]  Amir Herzberg,et al.  Spying in the Dark: TCP and Tor Traffic Analysis , 2012, Privacy Enhancing Technologies.

[21]  Junzhou Luo,et al.  Inferring Application Type Information from Tor Encrypted Traffic , 2014, 2014 Second International Conference on Advanced Cloud and Big Data.

[22]  Nikita Borisov,et al.  RAINBOW: A Robust And Invisible Non-Blind Watermark for Network Flows , 2009, NDSS.

[23]  Ian Goldberg,et al.  Performance and Security Improvements for Tor , 2016, IACR Cryptol. ePrint Arch..

[24]  Milad Nasr,et al.  DeepCorr: Strong Flow Correlation Attacks on Tor Using Deep Learning , 2018, CCS.

[25]  Ali A. Ghorbani,et al.  Characterization of Tor Traffic using Time based Features , 2017, ICISSP.

[26]  Angelos D. Keromytis,et al.  On the Effectiveness of Traffic Analysis against Anonymity Networks Using Flow Records , 2014, PAM.

[27]  George Danezis,et al.  Low-cost traffic analysis of Tor , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).