Shedding Light on the Dark Corners of the Internet: A Survey of Tor Research

Anonymity services have seen high growth rates with increased usage in the past few years. Among various services, Tor is one of the most popular peer-to-peer anonymizing service. In this survey paper, we summarize, analyze, classify and quantify 26 years of research on the Tor network. Our research shows that `security' and `anonymity' are the most frequent keywords associated with Tor research studies. Quantitative analysis shows that the majority of research studies on Tor focus on `deanonymization' the design of a breaching strategy. The second most frequent topic is analysis of path selection algorithms to select more resilient paths. Analysis shows that the majority of experimental studies derived their results by deploying private testbeds while others performed simulations by developing custom simulators. No consistent parameters have been used for Tor performance analysis. The majority of authors performed throughput and latency analysis.

[1]  Ian Goldberg,et al.  SkypeMorph: protocol obfuscation for Tor bridges , 2012, CCS.

[2]  Angelos D. Keromytis,et al.  LinkWidth: A Method to measure Link Capacity and Available Bandwidth Using Single-End Probes , 2006 .

[3]  Ian Goldberg,et al.  Enhancing Tor's performance using real-time traffic classification , 2012, CCS.

[4]  Gene Tsudik,et al.  Towards an Analysis of Onion Routing Security , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[5]  Stefan Lindskog,et al.  Spoiled Onions: Exposing Malicious Tor Exit Relays , 2014, Privacy Enhancing Technologies.

[6]  Björn Scheuermann,et al.  The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network , 2014, NDSS.

[7]  Ian Goldberg,et al.  An improved algorithm for tor circuit scheduling , 2010, CCS '10.

[8]  Paul F. Syverson,et al.  Locating hidden servers , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[9]  Joseph Pasquale,et al.  Toward Improving Path Selection in Tor , 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.

[10]  Nicholas Hopper,et al.  How Low Can You Go: Balancing Performance with Anonymity in Tor , 2013, Privacy Enhancing Technologies.

[11]  Nicholas Hopper,et al.  Shadow: Running Tor in a Box for Accurate and Efficient Experimentation , 2011, NDSS.

[12]  Adam Gordon,et al.  The Official (ISC)2® Guide to the SSCP2® CBK2® , 2016 .

[13]  Ian Goldberg,et al.  DefenestraTor: Throwing Out Windows in Tor , 2011, PETS.

[14]  Edgar R. Weippl,et al.  Tor HTTP Usage and Information Leakage , 2010, Communications and Multimedia Security.

[15]  Johan A. Pouwelse,et al.  The fifteen year struggle of decentralizing privacy-enhancing technology , 2014, ArXiv.

[16]  Mohamed Ali Kâafar,et al.  Digging into Anonymous Traffic: A Deep Analysis of the Tor Anonymizing Network , 2010, 2010 Fourth International Conference on Network and System Security.

[17]  Murat Yuksel,et al.  Multi Path Considerations for Anonymized Routing: Challenges and Opportunities , 2012, 2012 5th International Conference on New Technologies, Mobility and Security (NTMS).

[18]  Xinwen Fu,et al.  On performance bottleneck of anonymous communication networks , 2008, 2008 IEEE International Symposium on Parallel and Distributed Processing.

[19]  Keith W. Ross,et al.  Waiting for Anonymity: Understanding Delays in the Tor Overlay , 2010, 2010 IEEE Tenth International Conference on Peer-to-Peer Computing (P2P).

[20]  Lidong Wang,et al.  TMT: A new Tunable Mechanism of Tor based on the path length , 2012, 2012 IEEE 2nd International Conference on Cloud Computing and Intelligence Systems.

[21]  Thomas Engel,et al.  Website fingerprinting in onion routing based anonymization networks , 2011, WPES.

[22]  Walid Dabbous,et al.  One Bad Apple Spoils the Bunch: Exploiting P2P Applications to Trace and Profile Tor Users , 2011, LEET.

[23]  Jianping Wu,et al.  A Novel Method to Prevent Traffic Analysis in Low-Latency Anonymous Communication Systems , 2008, 2008 International Conference on Computer and Electrical Engineering.

[24]  Harold F. Tipton Official (ISC)2 Guide to the SSCP CBK, Second Edition , 2010 .

[25]  David Wolinsky,et al.  Reducing Latency in Tor Circuits with Unordered Delivery , 2013, FOCI.

[26]  Nikita Borisov,et al.  Improving Security and Performance in the Tor Network through Tunable Path Selection , 2011, IEEE Transactions on Dependable and Secure Computing.

[27]  Steven J. Murdoch,et al.  Hot or not: revealing hidden services by their clock skew , 2006, CCS '06.

[28]  Konrad Rieck,et al.  — Technical Report — Torben: Deanonymizing Tor Communication using Web Page Markers , 2014 .

[29]  Angelos D. Keromytis,et al.  Identifying Proxy Nodes in a Tor Anonymization Circuit , 2008, 2008 IEEE International Conference on Signal Image Technology and Internet Based Systems.

[30]  Dongsheng Wang,et al.  Relay recommendation system (RRS) and selective anonymity for tor , 2012, 2012 IEEE Global Communications Conference (GLOBECOM).

[31]  Radu State,et al.  Breaking Tor Anonymity with Game Theory and Data Mining , 2010, 2010 Fourth International Conference on Network and System Security.

[32]  Gabi Dreo Rodosek,et al.  How Anonymous Is the Tor Network? A Long-Term Black-Box Investigation , 2016, Computer.

[33]  Carmela Troncoso,et al.  Fingerprinting Tor's hidden service log files using a timing channel , 2011, 2011 IEEE International Workshop on Information Forensics and Security.

[34]  Nikita Borisov,et al.  rBridge: User Reputation based Tor Bridge Distribution with Privacy Preservation , 2013, NDSS.

[35]  Dhiah el Diehn I. Abou-Tair,et al.  Usability Inspection of Anonymity Networks , 2009, 2009 World Congress on Privacy, Security, Trust and the Management of e-Business.

[36]  Harsha V. Madhyastha,et al.  LASTor: A Low-Latency AS-Aware Tor Client , 2012, IEEE/ACM Transactions on Networking.

[37]  Roger Dingledine,et al.  Methodically Modeling the Tor Network , 2012, CSET.

[38]  Katia Obraczka,et al.  A flexible in-network IP anonymization service , 2012, 2012 IEEE International Conference on Communications (ICC).

[39]  Tao Wang,et al.  Improved website fingerprinting on Tor , 2013, WPES.

[40]  Roger Dingledine,et al.  A Case Study on Measuring Statistical Data in the Tor Anonymity Network , 2010, Financial Cryptography Workshops.

[41]  Gilles Barthe,et al.  Robustness Guarantees for Anonymity , 2010, 2010 23rd IEEE Computer Security Foundations Symposium.

[42]  Paul F. Syverson,et al.  Onion routing , 1999, CACM.

[43]  Ian Goldberg,et al.  Changing of the guards: a framework for understanding and improving entry guard selection in tor , 2012, WPES '12.

[44]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[45]  Fatemeh Shirazi,et al.  A Survey on Tor and I2P , 2014 .

[46]  Nicholas Hopper,et al.  Throttling Tor Bandwidth Parasites , 2012, NDSS.

[47]  Jeremy Clark,et al.  Usability of anonymous web browsing: an examination of Tor interfaces and deployability , 2007, SOUPS '07.

[48]  Angelos D. Keromytis,et al.  Detecting Traffic Snooping in Tor Using Decoys , 2011, RAID.

[49]  Roger Dingledine,et al.  Building Incentives into Tor , 2010, Financial Cryptography.

[50]  Stefan Lindskog,et al.  How the Great Firewall of China is Blocking Tor , 2012, FOCI.

[51]  Vinod Yegneswaran,et al.  StegoTorus: a camouflage proxy for the Tor anonymity system , 2012, CCS.

[52]  John B. Shoven,et al.  I , Edinburgh Medical and Surgical Journal.

[53]  Nadia Heninger,et al.  Torchestra: reducing interactive traffic delays over tor , 2012, WPES '12.

[54]  Paul F. Syverson,et al.  Anonymous connections and onion routing , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[55]  Angelos D. Keromytis,et al.  On the Effectiveness of Traffic Analysis against Anonymity Networks Using Flow Records , 2014, PAM.

[56]  Danny Krizanc,et al.  Effectiveness and detection of denial-of-service attacks in tor , 2012, TSEC.

[57]  William Stallings,et al.  THE ADVANCED ENCRYPTION STANDARD , 2002, Cryptologia.

[58]  Edward W. Felten,et al.  Security Audit of Safeplug "Tor in a Box" , 2014, FOCI.

[59]  Dirk Grunwald,et al.  Predicting Tor path compromise by exit port , 2009, 2009 IEEE 28th International Performance Computing and Communications Conference.

[60]  Edgar R. Weippl,et al.  Anonymity and Monitoring: How to Monitor the Infrastructure of an Anonymity System , 2010, IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews).

[61]  Ian Goldberg,et al.  BridgeSPA: improving Tor bridges with single packet authorization , 2011, WPES.

[62]  Angelos D. Keromytis,et al.  CellFlood: Attacking Tor Onion Routers on the Cheap , 2013, ESORICS.

[63]  Micah Sherr,et al.  Users get routed: traffic correlation on tor by realistic adversaries , 2013, CCS.

[64]  Dirk Grunwald,et al.  Low-resource routing attacks against tor , 2007, WPES '07.

[65]  Ian Goldberg,et al.  Performance and Security Improvements for Tor , 2016, IACR Cryptol. ePrint Arch..

[66]  Nick Mathewson,et al.  Deploying Low-Latency Anonymity: Design Challenges and Social Factors , 2007, IEEE Security & Privacy.

[67]  Xin Liu,et al.  Anti-misbehavior System for Tor Network , 2009, 2009 Fifth International Joint Conference on INC, IMS and IDC.

[68]  Jie Wu,et al.  Survey on anonymous communications in computer networks , 2010, Comput. Commun..

[69]  George Danezis,et al.  Low-cost traffic analysis of Tor , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[70]  Vincent Rijmen,et al.  The Design of Rijndael: AES - The Advanced Encryption Standard , 2002 .

[71]  Ming Yang,et al.  Application-level attack against Tor's hidden service , 2011, 2011 6th International Conference on Pervasive Computing and Applications.

[72]  Roger Dingledine,et al.  A Practical Congestion Attack on Tor Using Long Paths , 2009, USENIX Security Symposium.

[73]  Eric Chan-Tin,et al.  Revisiting Circuit Clogging Attacks on Tor , 2013, 2013 International Conference on Availability, Reliability and Security.

[74]  Micah Sherr,et al.  HisTorε: Differentially Private and Robust Statistics Collection for Tor , 2017, NDSS.

[75]  Ian Goldberg On the Security of the Tor Authentication Protocol , 2006, Privacy Enhancing Technologies.

[76]  Xin Liu,et al.  An Improved Tor Circuit-Building Protocol , 2009, 2009 International Joint Conference on Artificial Intelligence.

[77]  Nicholas Hopper,et al.  Challenges in Protecting Tor Hidden Services from Botnet Abuse , 2014, Financial Cryptography.

[78]  Peter Hannay,et al.  Using Traffic Analysis to Identify the Second Generation Onion Router , 2011, 2011 IFIP 9th International Conference on Embedded and Ubiquitous Computing.

[79]  Andriy Panchenko,et al.  Performance Analysis of Anonymous Communication Channels Provided by Tor , 2008, 2008 Third International Conference on Availability, Reliability and Security.

[80]  Guido Wirtz,et al.  Performance Measurements and Statistics of Tor Hidden Services , 2008, 2008 International Symposium on Applications and the Internet.

[81]  Guido Wirtz,et al.  Performance Measurements of Tor Hidden Services in Low-Bandwidth Access Networks , 2009, ACNS.

[82]  Andriy Panchenko,et al.  Practical anonymous communication on the mobile internet using Tor , 2007, 2007 Third International Conference on Security and Privacy in Communications Networks and the Workshops - SecureComm 2007.

[83]  Micah Sherr,et al.  ExperimenTor: A Testbed for Safe and Realistic Tor Experimentation , 2011, CSET.

[84]  Nikita Borisov,et al.  A Tune-up for Tor: Improving Security and Performance in the Tor Network , 2008, NDSS.

[85]  Harsha V. Madhyastha,et al.  LASTor: A Low-Latency AS-Aware Tor Client , 2012, S&P 2012.

[86]  Amir Herzberg,et al.  Spying in the Dark: TCP and Tor Traffic Analysis , 2012, Privacy Enhancing Technologies.

[87]  Eric C. Price,et al.  Browser-Based Attacks on Tor , 2007, Privacy Enhancing Technologies.

[88]  Vitaly Shmatikov,et al.  The Parrot Is Dead: Observing Unobservable Network Communications , 2013, 2013 IEEE Symposium on Security and Privacy.

[89]  George Danezis,et al.  Denial of service or denial of security? , 2007, CCS '07.

[90]  Emmanuel Bresson,et al.  Provably authenticated group Diffie-Hellman key exchange , 2001, CCS '01.

[91]  Nicholas Hopper,et al.  Recruiting new tor relays with BRAIDS , 2010, CCS '10.

[92]  Xiaogang Wang,et al.  A novel flow multiplication attack against Tor , 2009, 2009 13th International Conference on Computer Supported Cooperative Work in Design.

[93]  Paul F. Syverson,et al.  As-awareness in Tor path selection , 2009, CCS.

[94]  Ian Goldberg,et al.  Provably Secure and Practical Onion Routing , 2012, 2012 IEEE 25th Computer Security Foundations Symposium.

[95]  Shuai Li,et al.  Fingerprinting Keywords in Search Queries over Tor , 2017, Proc. Priv. Enhancing Technol..

[96]  Li Guo,et al.  An empirical analysis of family in the Tor network , 2013, 2013 IEEE International Conference on Communications (ICC).

[97]  Thomas Engel,et al.  Improving performance and anonymity in the Tor network , 2012, 2012 IEEE 31st International Performance Computing and Communications Conference (IPCCC).

[98]  Gang Xiong,et al.  A de-anonymize attack method based on traffic analysis , 2013, 2013 8th International Conference on Communications and Networking in China (CHINACOM).

[99]  Nadjib Badache,et al.  Tor Network Limits , 2011, 2011 International Conference on Network Computing and Information Security.

[100]  Xin Liu,et al.  Random Walk-Based Tor Circuit Building Protocol , 2009, 2009 International Conference on Computational Intelligence and Security.

[101]  Amir Herzberg,et al.  Camouflaged Private Communication , 2011, 2011 IEEE Third Int'l Conference on Privacy, Security, Risk and Trust and 2011 IEEE Third Int'l Conference on Social Computing.

[102]  Alex Biryukov,et al.  Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization , 2013, 2013 IEEE Symposium on Security and Privacy.

[103]  Björn Scheuermann,et al.  Unleashing Tor, BitTorrent & Co.: How to relieve TCP deficiencies in overlays , 2010, IEEE Local Computer Network Conference.

[104]  Joan Feigenbaum,et al.  Avoiding The Man on the Wire: Improving Tor's Security with Trust-Aware Path Selection , 2015, NDSS.

[105]  Sami Zhioua,et al.  Attacking Tor through Unpopular Ports , 2013, 2013 IEEE 33rd International Conference on Distributed Computing Systems Workshops.

[106]  Radu Sion,et al.  XPay: practical anonymous payments for tor routing and other networked services , 2009, WPES '09.

[107]  Micah Sherr,et al.  An Empirical Evaluation of Relay Selection in Tor , 2013, NDSS.

[108]  Tao Wang,et al.  Congestion-Aware Path Selection for Tor , 2012, Financial Cryptography.

[109]  Xinwen Fu,et al.  A New Replay Attack Against Anonymous Communication Networks , 2008, 2008 IEEE International Conference on Communications.

[110]  Paul F. Syverson,et al.  Hiding Routing Information , 1996, Information Hiding.

[111]  Dirk Grunwald,et al.  Shining Light in Dark Places: Understanding the Tor Network , 2008, Privacy Enhancing Technologies.

[112]  Paul F. Syverson,et al.  Proxies for anonymous routing , 1996, Proceedings 12th Annual Computer Security Applications Conference.

[113]  Nauman Aslam,et al.  The novel use of Bridge Relays to provide persistent Tor connections for mobile devices , 2013, 2013 IEEE 24th Annual International Symposium on Personal, Indoor, and Mobile Radio Communications (PIMRC).

[114]  Jing Jin,et al.  On the effectiveness of low latency anonymous network in the presence of timing attack , 2009, 2009 IEEE/IFIP International Conference on Dependable Systems & Networks.

[115]  Björn Scheuermann,et al.  Tor is unfair — And what to do about it , 2011, 2011 IEEE 36th Conference on Local Computer Networks.

[116]  Stjepan Gros,et al.  Protecting TOR exit nodes from abuse , 2010, The 33rd International Convention MIPRO.

[117]  Liu Xin,et al.  Design Improvement for Tor against Low-Cost Traffic Attack and Low-Resource Routing Attack , 2009, 2009 WRI International Conference on Communications and Mobile Computing.

[118]  Yong Zhang,et al.  Traffic Identification of Tor and Web-Mix , 2008, 2008 Eighth International Conference on Intelligent Systems Design and Applications.