Detecting traffic snooping in tor using decoys

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 6961 LNCS, Issue , 2011, Pages 222-241

  Chakravarty, Sambuddho ^a   Portokalidis, Georgios ^a   Polychronakis, Michalis ^a   Keromytis, Angelos D ^a  

^a Columbia University ^*  (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ANONYMOUS COMMUNICATION; END-TO-END ENCRYPTION; PROTOTYPE IMPLEMENTATIONS; USER AUTHENTICATION; USER DATA; USER TRAFFICS;

CRYPTOGRAPHY; INTERNET PROTOCOLS; INTRUSION DETECTION; OVERLAY NETWORKS;

AUTHENTICATION;

EID: 84857297875     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-23644-0_12     Document Type: Conference Paper

References (36)

1. Anonymizer, Inc., http://www.anonymizer.com/
2. Anonymouse, http://anonymouse.org/
3. Inside Net Neutrality: Is your ISP filtering content?, http://www.macworld.com/article/132075/2008/02/netneutrality1.html
4. Rogue Nodes Turn Tor Anonymizer Into Eavesdropper's Paradise, http://www.wired.com/politics/security/news/2007/09/embassy-hacks
5. Tor Metrics Portal, http://metrics.torproject.org/
6. Tor Path Specification, https://gitweb.torproject.org/ torspec.git?a=blob plain;hb=HEAD;f=path-spec.txt
7. Bennett, K., Grothoff, C.: GAP - practical anonymous networking. In: Dingledine, R. (ed.) PET 2003. LNCS, vol. 2760, pp. 141-160. Springer, Heidelberg (2003)
8. Bowen, B.M., Hershkop, S., Keromytis, A.D., Stolfo, S.J.: Baiting Inside Attackers Using Decoy Documents. In: Proceedings of the 5th International ICST Conference on Security and Privacy in Communication Networks (SecureComm), pp. 51-70 (September 2009)
9. Bowen, B.M., Kemerlis, V.P., Prabhu, P., Keromytis, A.D., Stolfo, S.J.: Automating the injection of believable decoys to detect snooping. In: Proceedings of the Third ACM Conference on Wireless Network Security (WiSec), pp. 81-86 (2010)
10. Bowen, B.M., Salem, M.B., Hershkop, S., Keromytis, A.D., Stolfo, S.J.: Designing host and network sensors to mitigate the insider threat. IEEE Security and Privacy 7, 22-29 (2009)
11. Chaum, D.L.: Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. Communications of the ACM 24(2), 84-90 (1981)
12. Danezis, G., Dingledine, R., Mathewson, N.: Mixminion: A Type III Anonymous Remailer, http://mixminion.net/
13. Díaz, C., Seys, S., Claessens, J., Preneel, B.: Towards measuring anonymity. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 54-68. Springer, Heidelberg (2003), http://portal.acm.org/citation.cfm?id= 1765299.1765304
14. Dingledine, R., Mathewson, N., Syverson, P.: Onion Routing, http://www.onion-router.net/
15. Dingledine, R., Mathewson, N., Syverson, P.: Tor: The Second-Generation Onion Router. In: Proceedings of the 13th USENIX Security Symposium), pp. 303-319 (August 2004)
16. Firesheep, http://codebutler.com/firesheep
17. The Honeynet Project, http://www.honeynet.org/
18. Isdal, T., Piatek, M., Krishnamurthy, A., Anderson, T.: Privacy-preserving P2P data sharing with oneswarm. In: Proceedings of the Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications (SIGCOMM), pp. 111-122 (2010)
19. JAP, http://anon.inf.tu-dresden.de/
20. McCanne, S., Leres, C., Jacobson, V.: Tcpdump and Libpcap, http://www.tcpdump.org/
21. Mccoy, D., Bauer, K., Grunwald, D., Kohno, T., Sicker, D.: Shining light in dark places: Understanding the tor network. In: Borisov, N., Goldberg, I. (eds.) PETS 2008. LNCS, vol. 5134, pp. 63-76. Springer, Heidelberg (2008)
22. Mulazzani, M., Huber, M., Weippl, E.R.: Tor HTTP usage and information leakage. In: De Decker, B., Schaumüller-Bichl, I. (eds.) CMS 2010. LNCS, vol. 6109, pp. 245-255. Springer, Heidelberg (2010)
23. Nikiforakis, N., Younan, Y., Joosen, W.: Hproxy: client-side detection of ssl stripping attacks. In: Kreibich, C., Jahnke, M. (eds.) DIMVA 2010. LNCS, vol. 6201, pp. 200-218. Springer, Heidelberg (2010)
24. Øverlier, L., Syverson, P.: Locating hidden servers. In: Proceedings of the IEEE Symposium on Security and Privacy (2006)
25. Provos, N.: A virtual honeypot framework. In: Proceedings of the 13th USENIX Security Symposium, pp. 1-14 (August 2004)
26. Reiter, M.K., Rubin, A.D.: Crowds: anonymity for web transactions. ACM Trans. Inf. Syst. Secur. 1, 66-92 (1998)
27. Sidiroglou, S., Stavrou, A., Keromytis, A.: Mediated overlay services (MOSES): Network security as a composable service. In: 2007 IEEE, Sarnoff Symposium, (April 30 - May 2) pp. 1-7 (2007)
28. Song, D.: dsniff, http://www.monkey.org/~dugsong/dsniff/
29. Spitzner, L.: Honeytokens: The Other Honeypot, http://www.symantec.com/ connect/articles/honeytokens-other-honeypot
30. Spitzner, L.: Honeypots: Catching the insider threat. In: Proceedings of the 19th Annual Computer Security Applications Conference, ACSAC (2003)
31. Stoll, C.: Stalking the wily hacker. Communications of the ACM 31(5), 484-497 (1988)
32. Stoll, C.: The cuckoo's egg: tracking a spy through the maze of computer espionage. Doubleday, New York, NY, USA (1989)
33. Team Furry: TOR exit-node doing MITM attacks, http://www.teamfurry.com/ wordpress/2007/11/20/tor-exit-node-doing-mitm-attacks/
34. Weaver, N., Sommer, R., Paxson, V.: Detecting forged tcp reset packets. In: Proceedings of the 16th Network and Distributed System Security Symposium, NDSS (2009)
35. Wright, M.K., Adler, M., Levine, B.N., Shields, C.: An analysis of the degradation of anonymous protocols. In: Proceedings of the Network and Distributed Security Symposium, NDSS (2002)
36. Yuill, J., Zappe, M., Denning, D., Feer, F.: Honeyfiles: Deceptive Files for Intrusion Detection. In: Proceedings of the 2nd IEEE Workshop on Information Assurance (WIA), pp. 116-122 (2004)