Systematic Analysis: Resistance to Traffic Analysis Attacks in Tor System for Critical Infrastructures

The threat of traffic analysis attacks against the Tor System is an acknowledged and open research issue, especially in critical infrastructures, motivating the need for continuous research into the potential attacks and countermeasures against this threat. This paper aims to provide an in-depth study into the driving technical mechanisms of the current state-of-art Tor System (Browser Bundle and Network) that aim to provide its benefits to anonymity and privacy online. This work presents the countermeasures that have been proposed and/or implemented against such attacks, in a collated evaluation to determine their effectiveness, suitability to Tor Project, and its design aims/goals.

[1]  Thomas Engel,et al.  Website fingerprinting in onion routing based anonymization networks , 2011, WPES.

[2]  Yi Shi,et al.  Fingerprinting Attack on the Tor Anonymity System , 2009, ICICS.

[3]  Mike Perry,et al.  TorFlow: Tor Network Analysis , 2009 .

[4]  Dirk Grunwald,et al.  Low-resource routing attacks against tor , 2007, WPES '07.

[5]  Angelos D. Keromytis,et al.  On the Effectiveness of Traffic Analysis against Anonymity Networks Using Flow Records , 2014, PAM.

[6]  Vitaly Shmatikov,et al.  Timing Analysis in Low-Latency Mix Networks: Attacks and Defenses , 2006, ESORICS.

[7]  Tao Wang,et al.  Improved website fingerprinting on Tor , 2013, WPES.

[8]  Mike Perry,et al.  Toward an Efficient Website Fingerprinting Defense , 2015, ESORICS.

[9]  George Danezis,et al.  Low-cost traffic analysis of Tor , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[10]  Lei Yang,et al.  Enhancing traffic analysis resistance for Tor hidden services with multipath routing , 2015, IEEE Conference on Communications and Network Security.

[11]  Wei Wang,et al.  Dependent link padding algorithms for low latency anonymity systems , 2008, CCS.

[12]  R. Dingledine,et al.  One Fast Guard for Life ( or 9 months ) , 2014 .

[13]  Brijesh Joshi,et al.  Touching from a distance: website fingerprinting attacks and defenses , 2012, CCS.

[14]  Ian Goldberg,et al.  Changing of the guards: a framework for understanding and improving entry guard selection in tor , 2012, WPES '12.

[15]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[16]  Carmela Troncoso,et al.  Impact of Network Topology on Anonymity and Overhead in Low-Latency Anonymity Networks , 2010, Privacy Enhancing Technologies.

[17]  Weijia Jia,et al.  A new cell counter based attack against tor , 2009, CCS.

[18]  Paul F. Syverson,et al.  Locating hidden servers , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[19]  Ian Goldberg,et al.  The Path Less Travelled: Overcoming Tor's Bottlenecks with Traffic Splitting , 2013, Privacy Enhancing Technologies.