Recently, there have been several research efforts to design a transport layer that meets the security requirements of anonymous communications while maximizing the network performance experienced by users. In this work, we argue that existing proposals suffer from several performance and deployment issues and we introduce PCTCP, a novel anonymous communication transport design for overlay networks that addresses the shortcomings of the previous proposals. In PCTCP, every overlay path, or circuit, is assigned a separate kernel-level TCP connection that is protected by IPsec, the standard security layer for IP. To evaluate our work, we focus on the Tor network, the most popular low-latency anonymity network, which is notorious for its performance problems that can potentially deter its wider adoption and thereby impact its anonymity. Previous research showed that the current transport layer design of Tor, in which several circuits are multiplexed in a single TCP connection between any pair of routers, is a key contributor to Tor's performance issues. We implemented, experimentally evaluated, and confirmed the potential gains provided by PCTCP in an isolated testbed and on the live Tor network. We ascertained that significant performance benefits can be obtained using our approach for web clients, while maintaining the same level of anonymity provided by the network today. Our realistic large-scale experimental evaluation of PCTCP shows improvements of more than 60% for response times and approximately 30% for download times compared to Tor. Finally, PCTCP only requires minimal changes to Tor and is easily deployable, as it does not require all routers on a circuit to upgrade.