A novel flow multiplication attack against Tor

  • Authors:

  • Xiaogang Wang; Junzhou Luo; Ming Yang; Zhen Ling

  • Affiliations:

  • School of Computer Science and Engineering, Southeast University, Nanjing, China;School of Computer Science and Engineering, Southeast University, Nanjing, China;School of Computer Science and Engineering, Southeast University, Nanjing, China;School of Computer Science and Engineering, Southeast University, Nanjing, China

  • Venue:
  • CSCWD '09 Proceedings of the 2009 13th International Conference on Computer Supported Cooperative Work in Design
  • Year:
  • 2009

Quantified Score

Hi-index 0.00

Visualization

Abstract

Tor has become one of the most popular overlay networks for anonymizing TCP traffic. A novel and effective flow multiplication attack against Tor is proposed in this paper, which exploits the fundamental vulnerability of anonymous web browsing by using a man-in-the-middle attack on client's HTTP flow. In the flow multiplication attack, whenever a malicious exit onion router detects a web request to a target server, it responds with a malicious page embedded with specified number of image tags, which will cause the browser to initiate deterministic number of web connections on the same circuit to fetch those images. The entry onion router on the circuit can then find such traffic pattern and the communication relationship between the client and the web server will be discovered. Even if all active content systems such as JavaScript in the browser are disabled, our attack can still compromise the anonymity of Tor while achieving invisibility by keeping client's communication running continuously. The experiment results on Tor validate the feasibility and effectiveness of our attack.