The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network

21st Annual Network and Distributed System Security Symposium, NDSS 2014

Volumn , Issue , 2014, Pages

  Jansen, Rob ^a   Tschorsch, Florian ^b   Johnson, Aaron ^a   Scheuermann, Björn ^b  

^a NAVAL RESEARCH LABORATORY   (United States)

^b HUMBOLDT UNIVERSITY   (Germany)

Author keywords

[No Author keywords available]

Indexed keywords

BANDWIDTH; NETWORK SECURITY;

BANDWIDTH CAPACITY; DEANONYMIZATION; DENIALOF- SERVICE ATTACKS; END TO END; LOW-COSTS; ONION ROUTING; PROTOCOL MESSAGE; RELIABLE DATA TRANSPORT; ROUTING NETWORKS; TOR NETWORKS;

DENIAL-OF-SERVICE ATTACK;

EID: 85180623308     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.14722/ndss/2014.23288     Document Type: Conference Paper

References (45)

1. “OOM Killer,” http://linux-mm.org/OOM_Killer.
2. “R-U-Dead-Yet (RUDY),” https://code.google.com/p/r-u-dead-yet/.
3. “Shadow Source Code,” https://github.com/shadow/shadow.
4. “TC: A Tor control protocol (Version 1),” https://gitweb.torproject.org/torspec.git?a=blob_plain;hb=HEAD;f=control-spec.txt, Acc. June 2013.
5. “The Tor Path Simulator,” http://torps.github.io/.
6. “The Tor Project,” https://www.torproject.org/.
7. “Tor directory protocol, version 3,” https://gitweb.torproject.org/torspec.git?a=blob_plain;hb=HEAD;f=dir-spec.txt, Acc. July 2013.
8. “Tor Metrics Portal,” https://metrics.torproject.org.
9. F. Adamsky, S. A. Khayam, R. Jager, and M. Rajarajan, “Security Analysis of the Micro Transport Protocol with a Misbehaving Receiver,” in CyberC’12, Oct. 2012.
10. M. AlSabah, K. Bauer, I. Goldberg, D. Grunwald, D. McCoy, S. Savage, and G. Voelker, “DefenestraTor: Throwing out Windows in Tor,” in PETS’11, Jul. 2011.
11. K. Bauer, D. McCoy, D. Grunwald, T. Kohno, and D. Sicker, “Low-Resource Routing Attacks Against Tor,” in WPES’07, Oct. 2007.
12. A. Biryukov, I. Pustogarov, and R.-P. Weinmann, “Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization,” in SP’13, May 2013.
13. N. Borisov, G. Danezis, P. Mittal, and P. Tabriz, “Denial of Service or Denial of Security?” in CCS’07, Oct. 2007.
14. T. Brenann, “OWASP HTTP Post Tool,” https://www.owasp.org/index.php/OWASP_HTTP_Post_Tool.
15. N. Danner, S. Defabbia-Kane, D. Krizanc, and M. Liberatore, “Effectiveness and Detection of Denial-of-Service Attacks in Tor,” ACM TISSEC, vol. 15, no. 3, Nov. 2012.
16. A. Das and N. Borisov, “Securing Anonymous Communication Channels under the Selective DoS Attack,” in FC’13.
17. R. Dingledine, “#6252 didn’t go far enough,” https://trac.torproject.org/projects/tor/ticket/9063, June 2013.
18. R. Dingledine, “#9063 enables Guard discovery in about an hour by websites,” https://trac.torproject.org/projects/tor/ticket/9072, June 2013.
19. R. Dingledine, N. Mathewson, and P. Syverson, “Tor: The Second-Generation Onion Router,” in USENIX Security’04, Aug. 2004.
20. W. Eddy, “TCP SYN Flooding Attacks and Common Mitigations,” RFC 4987, IETF, Aug. 2007.
21. T. Elahi, K. Bauer, M. AlSabah, R. Dingledine, and I. Goldberg, “Changing of the Guards: A Framework for Understanding and Improving Entry Guard Selection in Tor,” in WPES’12, Oct. 2012.
22. T. Elahi and I. Goldberg, “CORDON–A Taxonomy of Internet Censorship Resistance Strategies,” University of Waterloo CACR 2012-33, Tech. Rep., 2012.
23. N. S. Evans, R. Dingledine, and C. Grothoff, “A Practical Congestion Attack on Tor Using Long Paths,” in USENIX Security’09, Aug. 2009.
24. J. Geddes, R. Jansen, and N. Hopper, “How Low Can You Go: Balancing Performance with Anonymity in Tor,” in PETS’13, Jul. 2013.
25. D. M. Goldschlag, M. G. Reed, and P. F. Syverson, “Hiding Routing Information,” in IHW’01, May 1996.
26. ithilgore, “Exploiting TCP and the Persist Timer Infiniteness,” Phrack Magazine, vol. 0x0d, no. 0x42, Jun. 2009.
27. R. Jansen, K. Bauer, N. Hopper, and R. Dingledine, “Methodically Modeling the Tor Network,” in CSET’12, Aug. 2012.
28. R. Jansen and N. Hopper, “Shadow: Running Tor in a Box for Accurate and Efficient Experimentation,” in NDSS’12, Feb. 2012.
29. M. Kenney, “Ping of Death,” http://insecure.org/sploits/ping-o-death. html.
30. A. Kuzmanovic and E. W. Knightly, “Low-rate TCP-targeted Denial of Service Attacks and Counter Strategies,” IEEE/ACM TON, vol. 14, no. 4, 2006.
31. V. P. Marco Valerio Barbera, Vasileios P. Kemerlis and A. Keromytis, “CellFlood: Attacking Tor Onion Routers on the Cheap,” in ESORICS’13, Sep. 2013.
32. N. Mathewson, “We should have better, fairer OOM handling,” https://trac.torproject.org/projects/tor/ticket/9093, June 2013.
33. P. Mittal, A. Khurshid, J. Juen, M. Caesar, and N. Borisov, “Stealthy Traffic Analysis of Low-Latency Anonymous Communication Using Throughput Fingerprinting,” in CCS’11, Oct. 2011.
34. L. Øverlier and P. Syverson, “Locating Hidden Servers,” in SP’06, May 2006.
35. L. Øverlier and P. Syverson, “Valet Services: Improving Hidden Servers with a Personal Touch,” in PETS’06, Jun. 2006.
36. V. Pappas, E. Athanasopoulos, S. Ioannidis, and E. P. Markatos, “Compromising Anonymity Using Packet Spinning,” in ISC 08, Sep. 2008.
37. V. Paxson, M. Allman, J. Chu, and M. Sargent, “Computing TCP’s Retransmission Timer,” RFC 6298, IETF, Jun. 2011.
38. RSnake, “Slowloris HTTP DoS,” http://ha.ckers.org/slowloris/.
39. S. Savage, N. Cardwell, D. Wetherall, and T. Anderson, “TCP Congestion Control with a Misbehaving Receiver,” ACM SIGCOMM CCR, vol. 29, no. 5, 1999.
40. S. Shalunov, “Netkill – generic remote DoS attack,” http://seclists.org/bugtraq/2000/Apr/152, 2000.
41. R. Sherwood, B. Bhattacharjee, and R. Braud, “Misbehaving TCP Receivers Can Cause Internet-wide Congestion Collapse,” in CCS’05, Nov. 2005.
42. P. Syverson, G. Tsudik, M. Reed, and C. Landwehr, “Towards an Analysis of Onion Routing Security,” in DIAU’00, Jul. 2000.
43. F. Tschorsch and B. Scheuermann, “Tor is unfair – and what to do about it,” in LCN’11, Oct. 2011.
44. P. Winter and S. Lindskog, “How the Great Firewall of China is blocking Tor,” in FOCI’12, Aug. 2012.
45. C.-F. Yu and V. D. Gligor, “A Formal Specification and Verification Method for the Prevention of Denial of Service,” in SP’88, May 1988.