A potential HTTP-based application-level attack against Tor

Authors:
Xiaogang Wang;Junzhou Luo;Ming Yang;Zhen Ling
Affiliations:
School of Computer Science and Engineering, Southeast University, Nanjing, 210096, PR China and Changzhou College of Information Technology, Changzhou, 213164, PR China;School of Computer Science and Engineering, Southeast University, Nanjing, 210096, PR China;School of Computer Science and Engineering, Southeast University, Nanjing, 210096, PR China;School of Computer Science and Engineering, Southeast University, Nanjing, 210096, PR China
Venue:
Future Generation Computer Systems
Year:
2011

Citing 25
Cited 2

Anonymous Web transactions with Crowds

Communications of the ACM
Privacy protection and anonymity services for the World Wide Web

Future Generation Computer Systems - Special issue on security on the Web
WWW security and trusted third party services

Future Generation Computer Systems - Special issue on security on the Web
Untraceable electronic mail, return addresses, and digital pseudonyms

Communications of the ACM
Tarzan: a peer-to-peer anonymizing network layer

Proceedings of the 9th ACM conference on Computer and communications security
Mixminion: Design of a Type III Anonymous Remailer Protocol

SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Web tap: detecting covert web traffic

Proceedings of the 11th ACM conference on Computer and communications security
Fingerprinting Relational Databases: Schemes and Specialties

IEEE Transactions on Dependable and Secure Computing
Low-Cost Traffic Analysis of Tor

SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
On Flow Marking Attacks in Wireless Anonymous Communication Networks

ICDCS '05 Proceedings of the 25th IEEE International Conference on Distributed Computing Systems
Locating Hidden Servers

SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
On the Secrecy of Timing-Based Active Watermarking Trace-Back Techniques

SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Hot or not: revealing hidden services by their clock skew

Proceedings of the 13th ACM conference on Computer and communications security
Inferring the source of encrypted HTTP connections

Proceedings of the 13th ACM conference on Computer and communications security
Tor: the second-generation onion router

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
DSSS-Based Flow Marking Technique for Invisible Traceback

SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Network Flow Watermarking Attack on Low-Latency Anonymous Communication Systems

SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Keyboards and covert channels

USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Low-resource routing attacks against tor

Proceedings of the 2007 ACM workshop on Privacy in electronic society
Covert channels in privacy-preserving identification systems

Proceedings of the 14th ACM conference on Computer and communications security
Passive-Logging Attacks Against Anonymous Communications Systems

ACM Transactions on Information and System Security (TISSEC)
Discovering phishing target based on semantic link network

Future Generation Computer Systems
The schema theory for semantic link network

Future Generation Computer Systems
Browser-based attacks on Tor

PET'07 Proceedings of the 7th international conference on Privacy enhancing technologies
On flow correlation attacks and countermeasures in mix networks

PET'04 Proceedings of the 4th international conference on Privacy Enhancing Technologies

A secure broadcasting cryptosystem and its application to grid computing

Future Generation Computer Systems
StegoTorus: a camouflage proxy for the Tor anonymity system

Proceedings of the 2012 ACM conference on Computer and communications security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Tor has become one of the most popular overlay networks for anonymizing TCP traffic, however, the anonymity of Tor clients is threatened by various attacks exploiting traffic analysis or Tor's design features. Although considerable effort has been made to secure and improve Tor networks, little attention has been paid to various application-level attacks against Tor. In this paper, we present a potential HTTP-based application-level attack against Tor, which exploits both Tor's design features and HTTP's vulnerability to man-in-the-middle attacks. Such an application-level attack can efficiently and effectively compromise the anonymity of clients without using invasive plugins like Java or any other active content systems in a web browser, posing a serious threat to Tor. Our analytical and empirical results validate the feasibility and effectiveness of the attack. Based on our analysis of the potential attack mechanism, we propose corresponding countermeasures to thwart such potential application-level attacks against Tor, thereby effectively securing and improving Tor networks. Since the fundamental vulnerability exposed by this paper is not specific to web browsing via Tor but rather to the problem of other low-latency applications based on TCP streams, our study is critical for securing and improving low-latency anonymous communication systems.