An analysis of tor pluggable transports under adversarial conditions

Tor Pluggable transports enable the users to overcome the adversaries which block access to the Tor network. Different pluggable transport systems use different mechanisms. Consequently, the adversaries adapt by using different approaches to identify Tor pluggable transport traffic. The deep packet inspection and the flow analysis are two of such approaches. To this end, we investigate how well pluggable transports can obfuscate user traffic under adversarial conditions. We represent the adversarial environments using the existing traffic analysis systems. Our results show that while some pluggable transports systems can hide the traffic well from adversaries, others cannot.

[1]  Lipo Wang,et al.  Data dimensionality reduction with application to simplifying RBF network structure and improving classification performance , 2003, IEEE Trans. Syst. Man Cybern. Part B.

[2]  Ian H. Witten,et al.  The WEKA data mining software: an update , 2009, SKDD.

[3]  Vitaly Shmatikov,et al.  The Parrot Is Dead: Observing Unobservable Network Communications , 2013, 2013 IEEE Symposium on Security and Privacy.

[4]  Thomas Ristenpart,et al.  Protocol misidentification made easy with format-transforming encryption , 2013, CCS.

[5]  Khalid Zenkouar,et al.  A new nearest neighbor classification method based on fuzzy set theory and aggregation operators , 2017, Expert Syst. Appl..

[6]  Bing Liu,et al.  An efficient semi-unsupervised gene selection method via spectral biclustering , 2006, IEEE Transactions on NanoBioscience.

[7]  Peter Hannay,et al.  Using Traffic Analysis to Identify the Second Generation Onion Router , 2011, 2011 IFIP 9th International Conference on Embedded and Ubiquitous Computing.

[8]  Erik Hjelmvik,et al.  Breaking and Improving Protocol Obfuscation , 2010 .

[9]  Philipp Winter,et al.  ScrambleSuit: a polymorphic network protocol to circumvent censorship , 2013, WPES.

[10]  Ian Goldberg,et al.  SkypeMorph: protocol obfuscation for Tor bridges , 2012, CCS.

[11]  Dan Boneh,et al.  Evading Censorship with Browser-Based Proxies , 2012, Privacy Enhancing Technologies.

[12]  Ian Goldberg,et al.  Enhancing Tor's performance using real-time traffic classification , 2012, CCS.

[13]  Stefan Lindskog,et al.  How the Great Firewall of China is Blocking Tor , 2012, FOCI.

[14]  Vinod Yegneswaran,et al.  StegoTorus: a camouflage proxy for the Tor anonymity system , 2012, CCS.

[15]  A. Nur Zincir-Heywood,et al.  Traffic flow analysis of tor pluggable transports , 2015, 2015 11th International Conference on Network and Service Management (CNSM).

[16]  Brandon Wiley Dust : A Blocking-Resistant Internet Transport Protocol , 2011 .

[17]  Ming Yang,et al.  Extensive analysis and large-scale empirical evaluation of tor bridge discovery , 2012, 2012 Proceedings IEEE INFOCOM.

[18]  A. Nur Zincir-Heywood,et al.  Benchmarking two techniques for Tor classification: Flow level and circuit level classification , 2014, 2014 IEEE Symposium on Computational Intelligence in Cyber Security (CICS).