Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Shining Light in Dark Places: Understanding the Tor Network
PETS '08 Proceedings of the 8th international symposium on Privacy Enhancing Technologies
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
PET'07 Proceedings of the 7th international conference on Privacy enhancing technologies
INFOCOM'10 Proceedings of the 29th conference on Information communications
Privacy-preserving P2P data sharing with OneSwarm
Proceedings of the ACM SIGCOMM 2010 conference
LEET'10 Proceedings of the 3rd USENIX conference on Large-scale exploits and emergent threats: botnets, spyware, worms, and more
A case study on measuring statistical data in the tor anonymity network
FC'10 Proceedings of the 14th international conference on Financial cryptograpy and data security
Unraveling the BitTorrent Ecosystem
IEEE Transactions on Parallel and Distributed Systems
Anonymous connections and onion routing
IEEE Journal on Selected Areas in Communications
ExperimenTor: a testbed for safe and realistic tor experimentation
CSET'11 Proceedings of the 4th conference on Cyber security experimentation and test
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
Methodically modeling the Tor network
CSET'12 Proceedings of the 5th USENIX conference on Cyber Security Experimentation and Test
Enhancing Tor's performance using real-time traffic classification
Proceedings of the 2012 ACM conference on Computer and communications security
Improving content availability in the i2p anonymous file-sharing environment
CSS'12 Proceedings of the 4th international conference on Cyberspace Safety and Security
A bird's eye view on the I2P anonymous file-sharing environment
NSS'12 Proceedings of the 6th international conference on Network and System Security
Privacy in content-oriented networking: threats and countermeasures
ACM SIGCOMM Computer Communication Review
TorrentGuard: Stopping scam and malware distribution in the BitTorrent ecosystem
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.00 |
Tor is a popular low-latency anonymity network. However, Tor does not protect against the exploitation of an insecure application to reveal the IP address of, or trace, a TCP stream. In addition, because of the linkability of Tor streams sent together over a single circuit, tracing one stream sent over a circuit traces them all. Surprisingly, it is unknown whether this linkability allows in practice to trace a significant number of streams originating from secure (i.e., proxied) applications. In this paper, we show that linkability allows us to trace 193% of additional streams, including 27% of HTTP streams possibly originating from "secure" browsers. In particular, we traced 9% of all Tor streams carried by our instrumented exit nodes. Using BitTorrent as the insecure application, we design two attacks tracing BitTorrent users on Tor. We run these attacks in the wild for 23 days and reveal 10,000 IP addresses of Tor users. Using these IP addresses, we then profile not only the BitTorrent downloads but also the websites visited per country of origin of Tor users. We show that BitTorrent users on Tor are over-represented in some countries as compared to BitTorrent users outside of Tor. By analyzing the type of content downloaded, we then explain the observed behaviors by the higher concentration of pornographic content downloaded at the scale of a country. Finally, we present results suggesting the existence of an underground BitTorrent ecosystem on Tor.