Filters








61 Hits in 4.8 sec

A Stealthy Attack Against Tor Guard Selection

Quangang Li, Peipeng Liu, Zhiguang Qin
2015 International Journal of Security and Its Applications  
This type of attacks can infer hops of Tor circuits [5] or destination websites [6-8] based on the fingerprinting of sniffed Tor traffic.  ...  Under the current design of Tor, once entry guards are compromised, the probability that an attacker observes both ends of a Tor circuit will be highly improved.  ...  hidden service request.  ... 
doi:10.14257/ijsia.2015.9.11.36 fatcat:wbeiy7zkanbmlopvmbram7l2cq

Critical Traffic Analysis on the Tor Network

Florian Platzer, Marcel Schäfer, Martin Steinebach
2021 Journal of Cyber Security and Mobility  
Tor is a widely-used anonymity network with more than two million daily users. A prominent feature of Tor is the hidden service architecture.  ...  In this work we describe a method to deanonymize any hidden service on Tor based on traffic analysis.  ...  The authors are responsible for the content of this publication.  ... 
doi:10.13052/jcsm2245-1439.1015 fatcat:whwocvw4v5cclgwuenn2hugyby

Traffic Confirmation Attacks Despite Noise [article]

Jamie Hayes
2016 arXiv   pre-print
The resulting attack has a low startup cost and achieves a true positive match rate of 80% when matching one flow out of 9000 with less than 2% false positives, showing traffic confirmation attacks can  ...  We propose a traffic confirmation attack on low-latency mix networks based on computing robust real-time binary hashes of network traffic flows.  ...  but may be tolerable for hidden services.  ... 
arXiv:1601.04893v2 fatcat:hqhokv342zacfcfz5rvqr7oaba

Tik-Tok: The Utility of Packet Timing in Website Fingerprinting Attacks [article]

Mohammad Saidur Rahman, Payap Sirinam, Nate Mathews, Kantha Girish Gangadhara, Matthew Wright
2020 arXiv   pre-print
A passive local eavesdropper can leverage Website Fingerprinting (WF) to deanonymize the web browsing activity of Tor users.  ...  Then we evaluate the effectiveness of both raw timing and directional timing which is a combination of raw timing and direction in a deep-learning-based WF attack.  ...  We give special thanks to Tao Wang for providing details about the technical implementation of the W-T defense, and to Marc Juarez for providing guidelines on developing the W-T prototype.  ... 
arXiv:1902.06421v4 fatcat:sik2drrqy5g7jmrpuvv7kcg7lu

Shedding Light on the Dark Corners of the Internet: A Survey of Tor Research [article]

Saad Saleh, Junaid Qadir, Muhammad U. Ilyas
2018 arXiv   pre-print
Quantitative analysis shows that the majority of research studies on Tor focus on 'deanonymization' the design of a breaching strategy.  ...  Anonymity services have seen high growth rates with increased usage in the past few years. Among various services, Tor is one of the most popular peer-to-peer anonymizing service.  ...  Timing Signature Attack: Elices et al. [47] presented a fingerprint analysis attack for Tor's hidden services.  ... 
arXiv:1803.02816v1 fatcat:kl5fkcq5tnbczblpgdesatocji

CARONTE

Srdjan Matic, Platon Kotzias, Juan Caballero
2015 Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security - CCS '15  
Compared to prior techniques that deanonymize hidden services CARONTE implements a novel approach that does not rely on flaws on the Tor protocol and assumes an open-world, i.e., it does not require a  ...  We apply CARONTE to 1,974 hidden services, fully recovering the IP address of 101 (5%) of them.  ...  All opinions, findings and conclusions, or recommendations expressed herein are those of the authors and do not necessarily reflect the views of the sponsors.  ... 
doi:10.1145/2810103.2813667 dblp:conf/ccs/MaticKC15 fatcat:mq7rvj7tn5hjll4qui3caihk5y

Tracing Website Attackers by Analyzing Onion Routers' Log Files

Yinan Pei, Kazumasa Oida
2020 IEEE Access  
Tor circuits and routers.  ...  According to [13] , the majority of Tor research has been devoted to deanonymization, the design of a breaching strategy.  ... 
doi:10.1109/access.2020.3010756 fatcat:ddzkken4u5akneenhidifsn7si

Tik-Tok: The Utility of Packet Timing in Website Fingerprinting Attacks

Mohammad Saidur Rahman, Payap Sirinam, Nate Mathews, Kantha Girish Gangadhara, Matthew Wright
2020 Proceedings on Privacy Enhancing Technologies  
AbstractA passive local eavesdropper can leverage Website Fingerprinting (WF) to deanonymize the web browsing activity of Tor users.  ...  Then we evaluate the effectiveness of both raw timing and directional timing which is a combination of raw timing and direction in a deep-learning-based WF attack.  ...  We give special thanks to Tao Wang for providing details about the technical implementation of the W-T defense, and to Marc Juarez for providing guidelines on developing the W-T prototype.  ... 
doi:10.2478/popets-2020-0043 fatcat:pgvdgvefivctdpx2ofqu6nnwo4

CellFlood: Attacking Tor Onion Routers on the Cheap [chapter]

Marco Valerio Barbera, Vasileios P. Kemerlis, Vasilis Pappas, Angelos D. Keromytis
2013 Lecture Notes in Computer Science  
In this paper, we introduce a new Denial-of-Service attack against Tor Onion Routers and we study its feasibility and implications.  ...  In particular, we exploit a design flaw in the way Tor software builds virtual circuits and demonstrate that an attacker needs only a fraction of the resources required by a network DoS attack for achieving  ...  Any opinions, findings, conclusions or recommendations expressed herein are those of the authors, and do not necessarily reflect those of the US Government, DARPA, or the NSF.  ... 
doi:10.1007/978-3-642-40203-6_37 fatcat:sgonlb3vi5euzearmossmvetx4

Measuring Information Leakage in Website Fingerprinting Attacks and Defenses [article]

Shuai Li, Huajun Guo, Nicholas Hopper
2019 arXiv   pre-print
Attacks using (features extracted from) this information to infer the website a user visits are called Website Fingerprinting (WF) attacks.  ...  Due to the design choice to minimize traffic overhead (and increase the pool of potential users) Tor allows some information about the client's connections to leak.  ...  More recent website fingerprinting attacks focus on Tor anonymous service, in which the unique packet length is hidden by fixed-size Tor cells. Cai et al.  ... 
arXiv:1710.06080v2 fatcat:t4j22sy4rnee5nndgpvyvm3gzu

Var-CNN and DynaFlow: Improved Attacks and Defenses for Website Fingerprinting [article]

Sanjit Bhat, David Lu, Albert Kwon, Srinivas Devadas
2018 arXiv   pre-print
Given the severity of our attacks, we also introduce a new countermeasure, DynaFlow, based on dynamically adjusting flows to protect against website fingerprinting attacks.  ...  In recent years, there have been many works that use website fingerprinting techniques to enable a local adversary to determine which website a Tor user is visiting.  ...  Acknowledgements This work was done as part of the MIT PRIMES program while Sanjit Bhat and David Lu were students at Acton-Boxborough Regional High School.  ... 
arXiv:1802.10215v1 fatcat:pmv5ejnupnaz3b5rz54cgm4qkm

Analysis of Fingerprinting Techniques for Tor Hidden Services

Andriy Panchenko, Asya Mitseva, Martin Henze, Fabian Lanze, Klaus Wehrle, Thomas Engel
2017 Proceedings of the 2017 on Workshop on Privacy in the Electronic Society - WPES '17  
We present a comprehensive comparison of the performance and limits of the state-of-the-art website fingerprinting attacks with respect to Tor hidden services.  ...  Although it has been shown that no existing fingerprinting method scales in Tor when applied in realistic settings, the case of Tor hidden (onion) services has not yet been considered in such scenarios  ...  Parts of this work have been funded by the Luxembourg National Research Fund (FNR) within the CORE Junior Track project PETIT, the EU H2020 projects Privacy Flag and SAINT.  ... 
doi:10.1145/3139550.3139564 dblp:conf/wpes/PanchenkoMHLWE17 fatcat:qkwn3e5tyreobcdhsesoxikkoe

TorBot Stalker: Detecting Tor Botnets Through Intelligent Circuit Data Analysis

Oluwatobi Fajana, Gareth Owenson, Mihaela Cocea
2018 2018 IEEE 17th International Symposium on Network Computing and Applications (NCA)  
Botnets are collections of infected computers that are controlled centrally by a botmaster, often for sending spam or launching denial of service attacks.  ...  We use machine learning to analyse and fingerprint the timings and frequency of Tor network circuit data when routing botnet traffic, and build a detection mechanism that is able to identify infected hosts  ...  Previous Tor fingerprinting methods have focused on deanonymizing web services.  ... 
doi:10.1109/nca.2018.8548313 dblp:conf/nca/FajanaOC18 fatcat:fxli4gnpazhmbek2o4cg5k3nqe

Honey Onions: a Framework for Characterizing and Identifying Misbehaving Tor HSDirs [article]

Amirali Sanatinia, Guevara Noubir
2016 arXiv   pre-print
Our experimental results indicate that during the period of the study (72 days) at least 110 such nodes were snooping information about hidden services they host.  ...  However, Tor remains a practical system with a variety of limitations, some of which were indeed exploited in the recent past.  ...  Other research looked at the content and popularity of hidden services and the leakage of .onion address. Biryukovhs et al.  ... 
arXiv:1610.06140v1 fatcat:d5ye72lq45h5zkyw2htwoei35u

Dropping on the Edge: Flexibility and Traffic Confirmation in Onion Routing Protocols

Florentin Rochet, Olivier Pereira
2018 Proceedings on Privacy Enhancing Technologies  
The design of Tor includes a feature that is common to most distributed systems: the protocol is flexible.  ...  This paper shows how to exploit this flexibility by proposing two new active attacks: one against onion services and the other against Tor clients.  ...  This bounty is now used to run extra Tor relays.  ... 
doi:10.1515/popets-2018-0011 dblp:journals/popets/RochetP18 fatcat:dzy772gupzccld2ejciqqfkdr4
« Previous Showing results 1 — 15 out of 61 results