Spoiled onions: Exposing malicious Tor exit relays

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 8555 LNCS, Issue , 2014, Pages 304-331

  Winter, Philipp ^a   Köwer, Richard ^c   Mulazzani, Martin ^b   Huber, Markus ^b   Schrittwieser, Sebastian ^b   Lindskog, Stefan ^a   Weippl, Edgar ^b  

^a KARLSTAD UNIVERSITY   (Sweden)

^b SBA RESEARCH   (Austria)

^c Fachhochschule Campus Wien   (Austria)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER SCIENCE; COMPUTERS;

DIFFERENT ATTACKS; EXPOSED TO; MAN IN THE MIDDLE ATTACKS; NETWORK TRAFFIC; SCANNING MODULE; SOURCE CODES; TOR NETWORKS; X.509 CERTIFICATES;

ARTIFICIAL INTELLIGENCE;

EID: 84903973934     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-319-08506-7_16     Document Type: Conference Paper

References (37)

1. Alexa: The top 500 sites on the web (2013), http://www.alexa.com/topsites
2. Bernstein, D.J.: Curve25519: New Diffie-Hellman speed records. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 207-228. Springer, Heidelberg (2006), http://cr.yp.to/ecdh/curve25519-20060209. pdf
3. Le Blond, S., et al.: One Bad Apple Spoils the Bunch: Exploiting P2P Applications to Trace and Profile Tor Users. In: LEET. USENIX (2011), https://www.usenix.org/legacy/events/leet11/tech/ full-papers/LeBlond.pdf
4. Le Blond, S., et al.: Spying the World from Your Laptop: Identifying and Profiling Content Providers and Big Downloaders in BitTorrent. In: LEET. USENIX (2010), https://www.usenix.org/legacy/event/leet10/tech/ full-papers/LeBlond.pdf
5. Chakravarty, S., Portokalidis, G., Polychronakis, M., Keromytis, A.D.: Detecting Traffic Snooping in Tor Using Decoys. In: Sommer, R., Balzarotti, D., Maier, G. (eds.) RAID 2011. LNCS, vol. 6961, pp. 222-241. Springer, Heidelberg (2011), http://www.cs.columbia.edu/~mikepo/papers/ tordecoys.raid11.pdf
6. Crossbear, http://www.crossbear.org
7. Dingledine, R.: Re: Holy shit I caught 1 (2006), http://archives.seul. org/or/talk/Aug-2006/msg00262.html
8. Dingledine, R., Mathewson, N.: Anonymity Loves Company: Usability and the Network Effect. In: WEIS (2006), http://freehaven.net/doc/wupss04/usability.pdf
9. Dingledine, R., Mathewson, N.: Tor Protocol Specification, https://gitweb.torproject.org/torspec.git?a= blob-plain;hb=HEAD;f=torspec.txt
10. Dingledine, R., Mathewson, N., Syverson, P.: Tor: The Second-Generation Onion Router. In: USENIX Security. USENIX (2004), http://static.usenix.org/ event/sec04/tech/full-papers/ dingledine/dingledine.pdf
11. Electronic Frontier Foundation. HTTPS Everywhere (2013), https://www.eff.org/https-everywhere
12. Goldberg, I.: On the Security of the Tor Authentication Protocol. In: Danezis, G., Golle, P. (eds.) PET 2006. LNCS, vol. 4258, pp. 316-331. Springer, Heidelberg (2006), http://freehaven.net/anonbib/cache/tap:pet2006.pdf
13. Haim, D.: SocksiPy - A Python SOCKS client module (2006), http://socksipy.sourceforge.net
14. Hodges, J., Jackson, C., Barth, A.: HTTP Strict Transport Security, HSTS (2012), https://tools.ietf.org/html/rfc6797
15. Hodges, J., Jackson, C., Barth, A.: RFC 6797: HTTP Strict Transport Security, HSTS (2012), https://tools.ietf.org/html/rfc6797
16. Huber, M., Mulazzani, M.,Weippl, E.: Tor HTTP Usage and Information Leakage. In: De Decker, B., Schaumüller-Bichl, I. (eds.) CMS 2010. LNCS, vol. 6109, pp. 245-255. Springer, Heidelberg (2010), http://freehaven.net/ anonbib/cache/huber2010tor.pdf
17. InformAction. NoScript (2013), http://noscript.net
18. Known Bad Relays, https://trac.torproject.org/projects/tor/wiki/doc/ badRelays
19. Thoughtcrime Labs. Convergence (2011), http://convergence.io
20. Langley, A.: Public key pinning (2011), https://www.imperialviolet.org/ 2011/05/04/pinning.html
21. Lowe, G., Winters, P., Marcus, M.L.: The Great DNS Wall of China. Tech. rep. New York University (2007), http://cs.nyu.edu/~pcw216/work/nds/final.pdf
22. Marlinspike, M.: sslstrip, http://www.thoughtcrime.org/software/sslstrip/
23. Marlinspike, M.: tortunnel, http://www.thoughtcrime.org/software/ tortunnel/
24. McCoy, D., Bauer, K., Grunwald, D., Kohno, T., Sicker, D.C.: Shining Light in Dark Places: Understanding the Tor Network. In: Borisov, N., Goldberg, I. (eds.) PETS 2008. LNCS, vol. 5134, pp. 63-76. Springer, Heidelberg (2008), http://homes.cs.washington.edu/~yoshi/papers/ Tor/PETS2008-37.pdf
25. Paul, R.: Security expert used Tor to collect government e-mail passwords (2007), http://arstechnica.com/security/2007/09/security-expert-used- tor-to-collect-government-e-mail-passwords/
26. Perry, M., Clark, E., Murdoch, S.: The Design and Implementation of the Tor Browser [DRAFT] (2013), https://www.torproject.org/projects/torbrowser/ design/
27. SkullSecurity. Passwords (2011), https://wiki.skullsecurity.org/Passwords
28. SoftCom, Inc. Email Hosting Services, http://mail2web.com
29. The Tor Project. ExoneraTor, https://exonerator.torproject.org
30. The Tor Project. Relays with Exit, Fast, Guard, Stable, and HSDir flags, https://metrics.torproject.org/network.html#relayflags
31. The Tor Project. Snakes on a Tor, https://gitweb.torproject.org/ torflow.git/tree/HEAD:/NetworkScanners/ExitAuthority
32. The Tor Project. Stem Docs, https://stem.torproject.org
33. The Tor Project. TC: A Tor control protocol (Version 1), https://gitweb.torproject.org/torspec.git/ blob/HEAD:/control-spec.txt
34. TOR exit-node doing MITM attacks, http://www.teamfurry.com/ wordpress/2007/11/20/tor-exit-node-doing-mitmattacks
35. Torscanner, https://code.google.com/p/torscanner/
36. Torsocks: use socks-friendly applications with Tor, https://code.google. com/p/torsocks/
37. Wendlandt, D., Andersen, D.G., Perrig, A.: Perspectives: Improving SSHstyle Host Authentication with Multi-Path Probing. In: ATC. USENIX (2008), http://perspectivessecurity.files.wordpress.com/ 2011/07/perspectives-usenix08. pdf