Modeling TCP throughput: a simple model and its empirical validation
Proceedings of the ACM SIGCOMM '98 conference on Applications, technologies, architectures, and protocols for computer communication
Project “anonymity and unobservability in the Internet”
Proceedings of the tenth conference on Computers, freedom and privacy: challenging the assumptions
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
Traffic analysis: protocols, attacks, design issues, and open problems
International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
Towards an analysis of onion routing security
International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
Web MIXes: a system for anonymous and unobservable Internet access
International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems
IHW '01 Proceedings of the 4th International Workshop on Information Hiding
Limits of Anonymity in Open Environments
IH '02 Revised Papers from the 5th International Workshop on Information Hiding
SNDSS '96 Proceedings of the 1996 Symposium on Network and Distributed System Security (SNDSS '96)
Mixminion: Design of a Type III Anonymous Remailer Protocol
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Defending Anonymous Communications Against Passive Logging Attacks
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Anonymous Connections and Onion Routing
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Location diversity in anonymity networks
Proceedings of the 2004 ACM workshop on Privacy in the electronic society
Low-Cost Traffic Analysis of Tor
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Hot or not: revealing hidden services by their clock skew
Proceedings of the 13th ACM conference on Computer and communications security
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
How much anonymity does network latency leak?
Proceedings of the 14th ACM conference on Computer and communications security
Denial of service or denial of security?
Proceedings of the 14th ACM conference on Computer and communications security
Rethinking internet traffic management: from multiple decompositions to a practical protocol
CoNEXT '07 Proceedings of the 2007 ACM CoNEXT conference
Don't Clog the Queue! Circuit Clogging and Mitigation in P2P Anonymity Schemes
Financial Cryptography and Data Security
As-awareness in Tor path selection
Proceedings of the 16th ACM conference on Computer and communications security
How much anonymity does network latency leak?
ACM Transactions on Information and System Security (TISSEC)
Towards an information theoretic metric for anonymity
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Sampled traffic analysis by internet-exchange-level adversaries
PET'07 Proceedings of the 7th international conference on Privacy enhancing technologies
PET'07 Proceedings of the 7th international conference on Privacy enhancing technologies
EigenSpeed: secure peer-to-peer bandwidth evaluation
IPTPS'09 Proceedings of the 8th international conference on Peer-to-peer systems
A practical congestion attack on tor using long paths
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Traffic analysis against low-latency anonymity networks using available bandwidth estimation
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Stealthy traffic analysis of low-latency anonymous communication using throughput fingerprinting
Proceedings of the 18th ACM conference on Computer and communications security
Stealthy traffic analysis of low-latency anonymous communication using throughput fingerprinting
Proceedings of the 18th ACM conference on Computer and communications security
Faceless: decentralized anonymous group messaging for online social networks
Proceedings of the Fifth Workshop on Social Network Systems
Spying in the dark: TCP and tor traffic analysis
PETS'12 Proceedings of the 12th international conference on Privacy Enhancing Technologies
Throttling Tor bandwidth parasites
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Hi-index | 0.00 |
Anonymity systems such as Tor aim to enable users to communicate in a manner that is untraceable by adversaries that control a small number of machines. To provide efficient service to users, these anonymity systems make full use of forwarding capacity when sending traffic between intermediate relays. In this paper, we show that doing this leaks information about the set of Tor relays in a circuit (path). We present attacks that, with high confidence and based solely on throughput information, can (a) reduce the attacker's uncertainty about the bottleneck relay of any Tor circuit whose throughput can be observed, (b) exactly identify the guard relay(s) of a Tor user when circuit throughput can be observed over multiple connections, and (c) identify whether two concurrent TCP connections belong to the same Tor user, breaking unlinkability. Our attacks are stealthy, and cannot be readily detected by a user or by Tor relays. We validate our attacks using experiments over the live Tor network. We find that the attacker can substantially reduce the entropy of a bottleneck relay distribution of a Tor circuit whose throughput can be observed-the entropy gets reduced by a factor of 2 in the median case. Such information leaks from a single Tor circuit can be combined over multiple connections to exactly identify a user's guard relay(s). Finally, we are also able to link two connections from the same initiator with a crossover error rate of less than 1.5% in under 5 minutes. Our attacks are also more accurate and require fewer resources than previous attacks on Tor.