Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
167 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
42 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

An Extended View on Measuring Tor AS-level Adversaries (2403.08517v1)

Published 13 Mar 2024 in cs.NI, cs.CR, and cs.CY

Abstract: Tor provides anonymity to millions of users around the globe which has made it a valuable target for malicious actors. As a low-latency anonymity system, it is vulnerable to traffic correlation attacks from strong passive adversaries such as large autonomous systems (ASes). In preliminary work, we have developed a measurement approach utilizing the RIPE Atlas framework -- a network of more than 11,000 probes worldwide -- to infer the risk of deanonymization for IPv4 clients in Germany and the US. In this paper, we apply our methodology to additional scenarios providing a broader picture of the potential for deanonymization in the Tor network. In particular, we (a) repeat our earlier (2020) measurements in 2022 to observe changes over time, (b) adopt our approach for IPv6 to analyze the risk of deanonymization when using this next-generation Internet protocol, and (c) investigate the current situation in Russia, where censorship has been intensified after the beginning of Russia's full-scale invasion of Ukraine. According to our results, Tor provides user anonymity at consistent quality: While individual numbers vary in dependence of client and destination, we were able to identify ASes with the potential to conduct deanonymization attacks. For clients in Germany and the US, the overall picture, however, has not changed since 2020. In addition, the protocols (IPv4 vs. IPv6) do not significantly impact the risk of deanonymization. Russian users are able to securely evade censorship using Tor. Their general risk of deanonymization is, in fact, lower than in the other investigated countries. Beyond, the few ASes with the potential to successfully perform deanonymization are operated by Western companies, further reducing the risk for Russian users.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (36)
  1. LASTor: A Low-Latency AS-Aware Tor Client, in: Symposium on Security and Privacy, IEEE.
  2. Performance and Security Improvements for Tor: A Survey. ACM Computing Surveys (CSUR) .
  3. DeNASA: Destination-Naive AS-Awareness inAnonymous Communications. Proceedings on Privacy Enhancing Technologies .
  4. Towards Predicting Efficient and Anonymous Tor Circuits, in: USENIX Security Symposium.
  5. The lifecycle of a new relay. URL: https://blog.torproject.org/lifecycle-new-relay.
  6. How russia is trying to block tor. https://media.defcon.org/DEFCON30/DEFCON30presentations/RogerDingledine-HowRussiaistryingtoblockTor.pdf.
  7. Tor: The Second-Generation Onion Router:. Technical Report. Defense Technical Information Center. Fort Belvoir, VA. URL: http://www.dtic.mil/docs/citations/ADA465464, doi:10.21236/ADA465464.
  8. Improving the Privacy of Tor Onion Services, in: Ateniese, G., Venturi, D. (Eds.), Applied Cryptography and Network Security. Springer International Publishing, Cham. volume 13269, pp. 273–292. URL: https://link.springer.com/10.1007/978-3-031-09234-3_14, doi:10.1007/978-3-031-09234-3_14. series Title: Lecture Notes in Computer Science.
  9. AS-awareness in Tor path selection, in: Conference on Computer and Communications Security, ACM.
  10. Location Diversity in Anonymity Networks, in: Workshop on Privacy in the Electronic Society, ACM.
  11. Modeling on quicksand: Dealing with the scarcity of ground truth in interdomain routing data. ACM SIGCOMM Computer Communication Review .
  12. Inferring Complex AS Relationships, in: Internet Measurement Conference, ACM.
  13. DPSelect: A Differential Privacy Based Guard Relay Selection Algorithm for Tor. Proceedings on Privacy Enhancing Technologies .
  14. How Much Anonymity does Network Latency Leak? ACM Transactions on Information and System Security (TISSEC) .
  15. On the Accuracy of Tor Bandwidth Estimation, in: Hohlfeld, O., Lutu, A., Levin, D. (Eds.), Passive and Active Measurement. Springer International Publishing, Cham. volume 12671, pp. 481–498. URL: https://link.springer.com/10.1007/978-3-030-72582-2_28, doi:10.1007/978-3-030-72582-2_28. series Title: Lecture Notes in Computer Science.
  16. Users get routed: Traffic correlation on Tor by realistic adversaries, in: Conference on Computer and Communications Security, ACM.
  17. Defending tor from network adversaries: A case study of network path prediction. Proceedings on Privacy Enhancing Technologies 2015, 171–187.
  18. Actively probing routes for tor as-level adversaries with ripe atlas, in: IFIP International Conference on ICT Systems Security and Privacy Protection, Springer. pp. 234–247.
  19. Servers. Retrieved Sept. 19, 2022 from https://metrics.torproject.org/bubbles.html#as-exits-only.
  20. Websites blocked in russia since ukraine invasion. Retrieved Sept. 30, 2022 from https://www.top10vpn.com/research/websites-blocked-in-russia/.
  21. Stealthy Traffic Analysis of Low-Latency Anonymous Communication Using Throughput Fingerprinting, in: Conference on Computer and Communications Security, ACM.
  22. DeepCorr: Strong Flow Correlation Attacks on Tor Using Deep Learning, in: Conference on Computer and Communications Security, ACM.
  23. Measuring and Mitigating AS-level Adversaries Against Tor, in: Network and Distributed System Security Symposium (NDSS).
  24. Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation, in: Network and Distributed System Security Symposium.
  25. CLAPS: Client-Location-Aware Path Selection in Tor, in: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, ACM, Virtual Event USA. pp. 17–34. URL: https://dl.acm.org/doi/10.1145/3372297.3417279, doi:10.1145/3372297.3417279.
  26. RIPE Atlas: A global internet measurement network. Internet Protocol Journal 18.
  27. Counter-RAPTOR: Safeguarding Tor Against Active Routing Attacks, in: Symposium on Security and Privacy, IEEE.
  28. RAPTOR: Routing Attacks on Privacy in Tor, in: USENIX Security Symposium.
  29. Torproject, 2021. The state of ipv6 support on the tor network. Retrieved Sept. 30, 2022 from https://blog.torproject.org/state-of-ipv6-support-tor-network.
  30. Torproject, 2022a. Are hetzner servers in both the guard and middle position for a lot of tor circuits? observations from hetzner traffic numbers vs. own monitoring. Retrieved Sept. 30, 2022 from https://forum.torproject.net/t/are-hetzner-servers-in-both-the-guard-and-middle-position-for-a-lot-of-tor-circuits-observations-from-hetzner-traffic-numbers-vs-own-monitoring/1851.
  31. Torproject, 2022b. Tor protocol specifications. Retrieved Sept. 14, 2022 from https://gitweb.torproject.org/torspec.git/tree/.
  32. Anonymity on QuickSand: Using BGP to Compromise Tor, in: Proceedings of the 13th ACM Workshop on Hot Topics in Networks, ACM.
  33. An Empirical Evaluation of Relay Selection in Tor, in: Network and Distributed System Security Symposium.
  34. Guard Placement Attacks on Path Selection Algorithms for Tor. Proceedings on Privacy Enhancing Technologies .
  35. New blocks emerge in russia amid war in ukraine: An ooni network measurement analysis. Retrieved Sept. 30, 2022 from https://ooni.org/post/2022-russia-blocks-amid-ru-ua-conflict/.
  36. Russia started blocking tor. Retrieved Sept. 30, 2022 from https://ooni.org/post/2021-russia-blocks-tor/.
Citations (4)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now