Raptor: Routing attacks on privacy in tor

Proceedings of the 24th USENIX Security Symposium

Volumn , Issue , 2015, Pages 271-286

  Sun, Yixin ^a   Edmundson, Anne ^a   Vanbever, Laurent ^b   Li, Oscar ^a   Rexford, Jennifer ^a   Chiang, Mung ^a   Mittal, Prateek ^a  

^a PRINCETON UNIVERSITY   (United States)

^b ETH ZURICH   (Switzerland)

Author keywords

[No Author keywords available]

Indexed keywords

SEA ICE;

ANONYMOUS COMMUNICATION; ASYMMETRIC NATURES; AUTONOMOUS SYSTEMS; COMMUNICATION PATH; INTERNET ROUTING; MONITORING FRAMEWORKS; REAL-WORLD ATTACK; TRAFFIC ANALYSIS;

NETWORK SECURITY;

EID: 85069201566     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (54)

1. BGP hijacking for cryptocurrency profit. http://www.secureworks.com/ cyber-threat-intelligence/threats/ bgp-hijacking-for-cryptocurrency-profit/.
2. Bgpmon: Hijack by AS4761 Indosat - a quick report. http://www.bgpmon.net/hijack-by-as4761-indosat-a-quick-report/.
3. BGPMon: Hijack Event Today by Indosat. http://www.bgpmon.net/hijack-event-today-by-indosat/.
4. CollecTor: Your friendly data-collecting service in the Tor network. https://collector.torproject.org/.
5. RIPE Atlas. https://atlas.ripe.net/.
6. RIPE RIS Raw Data. https://www.ripe.net/data-tools/stats/ris/ris-raw-data.
7. Routeviews. http://www.routeviews.org/.
8. Tor metrics portal. https://metrics.torproject.org. Accessed, February 2015.
9. Who uses Tor? https://www.torproject.org/about/torusers.html.en. Accessed, February 2015.
10. How the NSA attacks Tor/Firefox users with QUANTUM and FOXACID. https://www.schneier.com/blog/archives/2013/ 10/how_the_nsa_att.html, Oct. 2013.
11. Peeling back the layers of Tor with EgotisticalGiraffe. http://www.theguardian.com/world/interactive/2013/oct/04/ egotistical-giraffe-nsa-tor-document, Oct. 2013.
12. Tor stinks. http://www.theguardian.com/world/interactive/2013/oct/04/ tor-stinks-nsa-presentation-document, Oct. 2013.
13. AKHOONDI, M., YU, C., AND MADHYASTHA, H. V. Lastor: A low-latency AS-aware Tor client. In Proceedings of the 2012 IEEE Symposium on Security and Privacy (Washington, DC, USA, 2012), SP’12, IEEE Computer Society, pp. 476–490.
14. ARNBAK, A., AND GOLDBERG, S. Loopholes for circumventing the constitution: Warrantless bulk surveillance on americans by collecting network traffic abroad. In HotPETs (2014). Available at http://ssrn.com/abstract=2460462.
15. BALL, J. NSA stores metadata of millions of web users for up to a year, secret files show. http://www.theguardian.com/world/2013/sep/30/ nsa-americans-metadata-year-documents, Sep. 2013.
16. BALLANI, H., FRANCIS, P., AND ZHANG, X. A study of prefix hijacking and interception in the Internet. In Proceedings of the 2007 Conference on Applications, Technologies, Architectures, andProtocols for Computer Communications (New York, NY, USA, 2007), SIGCOMM’07, ACM, pp. 265–276.
17. BOLDYREVA, A., AND LYCHEV, R. Provable security of S-BGP and other path vector protocols: Model, analysis and extensions. In Proceedings of the 2012 ACM Conference on Computer and Communications Security (New York, NY, USA, 2012), CCS’12, ACM, pp. 541–552.
18. BRANDOM, R. FBI agents tracked harvard bomb threats despite Tor. http://www.theverge.com/2013/12/18/5224130/fbiagents-tracked-harvard-bomb-threats-across-tor. Accessed, July 2014.
19. CHAN, H., DASH, D., PERRIG, A., AND ZHANG, H. Modeling adoptability of secure BGP protocol. In Proceedings of the 2006 Conference on Applications, Technologies, Architectures, andProtocols for Computer Communications (New York, NY, USA, 2006), SIGCOMM’06, ACM, pp. 279–290.
20. CHUN CHENG, P., ZHAO, X., ZHANG, B., AND ZHANG, L. Longitudinal Study of BGP Monitor Session Failures. ACM SIGCOMM Computer Communication Review (CCR) (April 2010).
21. CLARKE, I., SANDBERG, O., WILEY, B., AND HONG, T. W. Freenet: A distributed anonymous information storage and retrieval system. In International Workshop on Designing Privacy Enhancing Technologies: Design Issues in Anonymity and Unobservability (New York, NY, USA, 2001), Springer-Verlag New York, Inc., pp. 46–66.
22. DANEZIS, G. Mix-networks with restricted routes. In Privacy Enhancing Technologies, R. Dingledine, Ed., vol. 2760 of Lecture Notes in Computer Science. Springer Berlin Heidelberg, 2003, pp. 1–17.
23. DANEZIS, G., DINGLEDINE, R., AND MATHEWSON, N. Mixminion: Design of a type iii anonymous remailer protocol. In Proceedings of the 2003 IEEE Symposium on Security and Privacy (Washington, DC, USA, 2003), SP’03, IEEE Computer Society, pp. 2–.
24. DINGLEDINE, R., HOPPER, N., KADIANAKIS, G., AND MATHEWSON, N. One fast guard for life (or 9 months). In HotPETs (2014).
25. DINGLEDINE, R., MATHEWSON, N., AND SYVERSON, P. Tor: The second-generation onion router. In Proceedings of the 13th Conference on USENIX Security Symposium - Volume 13 (Berkeley, CA, USA, 2004), SSYM’04, USENIX Association.
26. EDMAN, M., AND SYVERSON, P. AS-awareness in Tor path selection. In Proceedings of the 16th ACM Conference on Computer and Communications Security (New York, NY, USA, 2009), CCS ’09, ACM, pp. 380–389.
27. EVANS, N. S., DINGLEDINE, R., AND GROTHOFF, C. A practical congestion attack on Tor using long paths. In Proceedings of the 18th Conference on USENIX Security Symposium (Berkeley, CA, USA, 2009), SSYM’09, USENIX Association, pp. 33–50.
28. FEAMSTER, N., AND DINGLEDINE, R. Location diversity in anonymity networks. In Proceedings of the 2004 ACM Workshop on Privacy in the Electronic Society (New York, NY, USA, 2004), WPES ’04, ACM, pp. 66–76.
29. GILL, P., SCHAPIRA, M., AND GOLDBERG, S. Let the market drive deployment: A strategy for transitioning to BGP security. In Proceedings of the ACM SIGCOMM 2011 Conference (New York, NY, USA, 2011), SIGCOMM’11, ACM, pp. 14–25.
30. HOPPER, N., VASSERMAN, E. Y., AND CHAN-TIN, E. How much anonymity does network latency leak? In Proceedings of the 14th ACM Conference on Computer and Communications Security (New York, NY, USA, 2007), CCS’07, ACM, pp. 82–91.
31. HOPPER, N., VASSERMAN, E. Y., AND CHAN-TIN, E. How much anonymity does network latency leak? ACM Trans. Inf. Syst. Secur. 13, 2 (Mar. 2010), 13:1–13:28.
32. HU, Y.-C., PERRIG, A., AND SIRBU, M. Spv: Secure path vector routing for securing BGP. In Proceedings of the 2004 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications (New York, NY, USA, 2004), SIGCOMM’04, ACM, pp. 179–192.
33. JANSEN, R., TSCHORSCH, F., JOHNSON, A., AND SCHEUERMANN, B. The sniper attack: Anonymously deanonymizing and disabling the Tor network. In Proceedings of the 21st Annual Network and Distributed System Security Symposium (NDSS’14) (2014), Internet Society.
34. JOHNSON, A., WACEK, C., JANSEN, R., SHERR, M., AND SYVERSON, P. Users get routed: Traffic correlation on Tor by realistic adversaries. In Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security (New York, NY, USA, 2013), CCS’13, ACM, pp. 337–348.
35. JUEN, J. Protecting anonymity in the presence of autonomous system and Internet exchange level adversaries, 2012. MS Thesis, University of Illinois at Urbana-Champaign.
36. MACASKILL, E., BORGER, J., HOPKINS, N., DAVIES, N., AND BALL, J. GCHQ taps fibre-optic cables for secret access to world’s communications. http://www.theguardian.com/uk/2013/jun/21/ gchq-cables-secret-world-communications-nsa, June 2013.
37. MITTAL, P., KHURSHID, A., JUEN, J., CAESAR, M., AND BORISOV, N. Stealthy traffic analysis of low-latency anonymous communication using throughput fingerprinting. In Proceedings of the 18th ACM Conference on Computer and Communications Security (New York, NY, USA, 2011), CCS ’11, ACM, pp. 215–226.
38. MÖLLER, U., COTTRELL, L., PALFRADER, P., AND SASSAMAN, L. Mixmaster Protocol — Version 2. IETF Internet Draft, July 2003.
39. MURDOCH, S. J., AND DANEZIS, G. Low-cost traffic analysis of Tor. In Proceedings of the 2005 IEEE Symposium on Security and Privacy (Washington, DC, USA, 2005), SP’05, IEEE Computer Society, pp. 183–195.
40. MURDOCH, S. J., AND ZIELINSKI, P. Sampled traffic analysis by Internet-exchange-level adversaries. In Proceedings of the 7th International Conference on Privacy Enhancing Technologies (Berlin, Heidelberg, 2007), PET’07, Springer-Verlag, pp. 167–183.
41. OORSCHOT, P. V., WAN, T., AND KRANAKIS, E. On interdomain routing security and pretty secure BGP (psBGP). ACM Trans. Inf. Syst. Secur. 10, 3 (July 2007).
42. OVERLIER, L., AND SYVERSON, P. Locating hidden servers. In Security and Privacy, 2006 IEEE Symposium on (May 2006), pp. 100–114.
43. SCHLINKER, B., ZARIFIS, K., CUNHA, I., FEAMSTER, N., AND KATZ-BASSETT, E. PEERING: An AS for us. In Proceedings of the 13th ACM Workshop on Hot Topics in Networks (New York, NY, USA, 2014), HotNets-XIII, ACM, pp. 18:1–18:7.
44. SHI, X., XIANG, Y., WANG, Z., YIN, X., AND WU, J. Detecting prefix hijackings in the Internet with Argus. In Proceedings of the 2012 ACM Conference on Internet Measurement Conference (New York, NY, USA, 2012), IMC’12, ACM, pp. 15–28.
45. SHMATIKOV, V., AND WANG, M.-H. Timing analysis in low-latency mix networks: Attacks and defenses. In Proceedings of the 11th European Conference on Research in Computer Security (Berlin, Heidelberg, 2006), ESORICS’06, Springer-Verlag, pp. 18–33.
46. SYVERSON, P., TSUDIK, G., REED, M., AND LANDWEHR, C. Towards an analysis of onion routing security. In International Workshop on Designing Privacy Enhancing Technologies: Design Issues in Anonymity and Unobservability (New York, NY, USA, 2001), Springer-Verlag New York, Inc., pp. 96–114.
47. TIMPANARO, J. P., CHRISMENT, I., AND FES-TOR, O. A bird’s eye view on the I2P anonymous file-sharing environment. In Proceedings of the 6th International Conference on Network and System Security (Berlin, Heidelberg, 2012), NSS’12, Springer-Verlag, pp. 135–148.
48. VANBEVER, L., LI, O., REXFORD, J., AND MITTAL, P. Anonymity on quicksand: Using BGP to compromise Tor. In Proceedings of the 13th ACM Workshop on Hot Topics in Networks (New York, NY, USA, 2014), HotNets-XIII, ACM, pp. 14:1–14:7.
49. WRIGHT, M., ADLER, M., LEVINE, B. N., AND SHIELDS, C. Defending anonymous communications against passive logging attacks. In Proceedings of the 2003 IEEE Symposium on Security and Privacy (Washington, DC, USA, 2003), SP’03, IEEE Computer Society.
50. ZEILEMAKER, N., AND POUWELSE, J. Open source column: Tribler: P2P search, share and stream. SIGMultimedia Rec. 4, 1 (Mar. 2012), 20–24.
51. ZHANG, Z., ZHANG, Y., HU, Y. C., AND MAO, Z. M. Practical defenses against BGP prefix hijacking. In Proceedings of the 2007 ACM CoNEXT Conference (New York, NY, USA, 2007), CoNEXT ’07, ACM.
52. ZHANG, Z., ZHANG, Y., HU, Y. C., MAO, Z. M., AND BUSH, R. iSPY: Detecting IP prefix hijacking on my own. IEEE/ACM Trans. Netw. 18, 6 (Dec. 2010), 1815–1828.
53. ZHENG, C., JI, L., PEI, D., WANG, J., AND FRANCIS, P. A light-weight distributed scheme for detecting IP prefix hijacks in real-time. In Proceedings of the 2007 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications (New York, NY, USA, 2007), SIGCOMM’07, ACM, pp. 277–288.
54. ZHU, Y., FU, X., GRAHAM, B., BETTATI, R., AND ZHAO, W. On flow correlation attacks and countermeasures in mix networks. In Proceedings of the 4th International Conference on Privacy Enhancing Technologies (Berlin, Heidelberg, 2005), PET’04, Springer-Verlag, pp. 207–225.