skip to main content
research-article

Effectiveness and detection of denial-of-service attacks in tor

Published:30 November 2012Publication History
Skip Abstract Section

Abstract

Tor is one of the more popular systems for anonymizing near-real-time communications on the Internet. Borisov et al. [2007] proposed a denial-of-service-based attack on Tor (and related systems) that significantly increases the probability of compromising the anonymity provided. In this article, we analyze the effectiveness of the attack using both an analytic model and simulation. We also describe two algorithms for detecting such attacks, one deterministic and proved correct, the other probabilistic and verified in simulation.

References

  1. Bauer, K., McCoy, D., Grunwald, D., Kohno, T., and Sicker, D. 2007. Low-Resource routing attacks against Tor. In Proceedings of the ACM Workshop on Privacy in Electronic Society (WPES 07). ACM Press, 11--20. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Borisov, N., Danezis, G., Mittal, P., and Tabriz, P. 2007. Denial of service or denial of security? How attacks on reliability can compromise anonymity. In Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS 07). ACM Press, 92--102. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Danezis, G. and Sassaman, L. 2003. Heartbeat traffic to counter (n-1) attacks. In Proceedings of the Workshop on Privacy in the Electronic Society (WPES 03). Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Danner, N., Krizanc, D., and Liberatore, M. 2009. Detecting denial of service attacks in Tor. In Proceedings of the 13th International Conference on Financial Cryptography and Data Security (FC 09). Lecture Notes in Computer Science, vol. 5628, Springer, 273--284. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. Das, A. and Borisov, N. 2011. Securing Tor tunnels under the selective DoS attack. arXiv:1107.3863v1 {cs.CR}.Google ScholarGoogle Scholar
  6. Dingledine, R., Mathewson, N., and Syverson, P. 2004a. Tor: The second-generation onion router. In Proceedings of the 13th USENIX Security Symposium. 303--320. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. Dingledine, R., Shmatikov, V., and Syverson, P. 2004b. Synchronous batching: From cascades to free routes. In Proceedings of Privacy Enhancing Technologies Workshop (PET 04). Lecture Notes in Computer Science, vol. 3424, Springer, 186--206. Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. Levine, B. N., Reiter, M. K., Wang, C., and Wright, M. K. 2004. Timing attacks in low-latency mix-based systems. In Proceedings of the 8th International Conference on Financial Cryptography (FC 04), A. Juels, Ed., Lecture Notes in Computer Science, vol. 3110, Springer, 251--265.Google ScholarGoogle Scholar
  9. Murdoch, S. J. 2006. Hot or not: Revealing hidden services by their clock skew. In Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS 06). ACM Press, 27--36. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. Murdoch, S. J. 2007. Covert channel vulnerabilities in anonymity systems. Ph.D. thesis, University of Cambridge, Cambridge, UK.Google ScholarGoogle Scholar
  11. Murdoch, S. J. and Zieliński, P. 2007. Sampled traffic analysis by Internet-exchange-level adversaries. In Proceedings of the 7th Workshop on Privacy Enhancing Technologies (PET 07). N. Borisov and P. Golle, Eds., Lecture Notes in Computer Science, vol. 4776, Springer, 167--183. Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. Overlier, L. and Syverson, P. 2006. Locating hidden servers. In Proceedings of the IEEE Symposium on Security and Privacy (S&P 06). IEEE Computer Society, 100--114. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. Reiter, M. and Rubin, A. 1998. Crowds: Anonymity for web transactions. ACM Trans. Info. Syst. Secur. 1, 1, 66--92. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. Rennhard, M. and Plattner, B. 2002. Introducing MorphMix: Peer-to-peer based anonymous internet usage with collusion detection. In Proceedings of the ACM Workshop on Privacy in the Electronic Society (WPES 02). ACM Press, 91--102. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. Syverson, P., Tsudik, G., Reed, M., and Landwehr, C. 2000. Towards an analysis of onion routing security. In Proceedings of the International Workshop on Designing Privacy Enhancing Technologies Design Issues in Anonymity and Unobservability. Lecture Notes in Computer Science, vol. 2009, Springer, 96--114. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. Tabriz, P. and Borisov, N. 2006. Breaking the collusion detection mechanism of MorphMix. In Proceedings of the 6th Workshop on Privacy Enhancing Technologies (PET 06). G. Danezis and P. Golle, Eds., Lecture Notes in Computer Science, vol. 4258, Springer, 368--384. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. Wright, M., Adler, M., Levine, B. N., and Shields, C. 2002. An analysis of the degradation of anonymous protocols. In Proceedings of the Network and Distributed System Security Symposium (NDSS 02). Internet Society, 38--50.Google ScholarGoogle Scholar
  18. Wright, M., Adler, M., Levine, B. N., and Shields, C. 2003. Defending anonymous communication against passive logging attacks. In Proceedings of the Symposium on Security and Privacy. IEEE Computer Society, 28--41. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Effectiveness and detection of denial-of-service attacks in tor

      Recommendations

      Comments

      Login options

      Check if you have access through your login credentials or your institution to get full access on this article.

      Sign in

      Full Access

      • Published in

        cover image ACM Transactions on Information and System Security
        ACM Transactions on Information and System Security  Volume 15, Issue 3
        November 2012
        105 pages
        ISSN:1094-9224
        EISSN:1557-7406
        DOI:10.1145/2382448
        Issue’s Table of Contents

        Copyright © 2012 ACM

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Publication History

        • Published: 30 November 2012
        • Accepted: 1 June 2012
        • Revised: 1 May 2012
        • Received: 1 November 2011
        Published in tissec Volume 15, Issue 3

        Permissions

        Request permissions about this article.

        Request Permissions

        Check for updates

        Qualifiers

        • research-article
        • Research
        • Refereed

      PDF Format

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader
      About Cookies On This Site

      We use cookies to ensure that we give you the best experience on our website.

      Learn more

      Got it!