7 research outputs found
Tor HTTP Usage and Information Leakage.
Abstract. This paper analyzes the web browsing behaviour of Tor users. By collecting HTTP requests we show which websites are of interest to Tor users and we determined an upper bound on how vulnerable Tor users are to sophisticated de-anonymization attacks: up to 78 % of the Tor users do not use Tor as suggested by the Tor community, namely to browse the web with TorButton. They could thus fall victim to deanonymization attacks by merely browsing the web. Around 1% of the requests could be used by an adversary for exploit piggybacking on vulnerable file formats. Another 7 % of all requests were generated by social networking sites which leak plenty of sensitive and identifying information. Due to the design of HTTP and Tor, we argue that HTTPS is currently the only effective countermeasure against de-anonymization and information leakage for HTTP over Tor
Spoiled Onions: Exposing Malicious Tor Exit Relays
Several hundred Tor exit relays together push more than 1 GiB/s of network
traffic. However, it is easy for exit relays to snoop and tamper with
anonymised network traffic and as all relays are run by independent volunteers,
not all of them are innocuous.
In this paper, we seek to expose malicious exit relays and document their
actions. First, we monitored the Tor network after developing a fast and
modular exit relay scanner. We implemented several scanning modules for
detecting common attacks and used them to probe all exit relays over a period
of four months. We discovered numerous malicious exit relays engaging in
different attacks. To reduce the attack surface users are exposed to, we
further discuss the design and implementation of a browser extension patch
which fetches and compares suspicious X.509 certificates over independent Tor
circuits.
Our work makes it possible to continuously monitor Tor exit relays. We are
able to detect and thwart many man-in-the-middle attacks which makes the
network safer for its users. All our code is available under a free license
Distributed Performance Measurement and Usability Assessment of the Tor Anonymization Network
While the Internet increasingly permeates everyday life of individuals around
the world, it becomes crucial to prevent unauthorized collection and abuse of
personalized information. Internet anonymization software such as Tor is an
important instrument to protect online privacy. However, due to the
performance overhead caused by Tor, many Internet users refrain from using it.
This causes a negative impact on the overall privacy provided by Tor, since it
depends on the size of the user community and availability of shared
resources. Detailed measurements about the performance of Tor are crucial for
solving this issue. This paper presents comparative experiments on Tor latency
and throughput for surfing to 500 popular websites from several locations
around the world during the period of 28 days. Furthermore, we compare these
measurements to critical latency thresholds gathered from web usability
research, including our own user studies. Our results indicate that without
massive future optimizations of Tor performance, it is unlikely that a larger
part of Internet users would adopt it for everyday usage. This leads to fewer
resources available to the Tor community than theoretically possible, and
increases the exposure of privacy-concerned individuals. Furthermore, this
could lead to an adoption barrier of similar privacy-enhancing technologies
for a Future Internet. View Full-Tex
Introducing the gMix Open Source Framework for Mix Implementations
Abstract. In this paper we introduce the open source software framework gMix which aims to simplify the implementation and evaluation of mix-based systems. gMix is targeted at researchers who want to evaluate new ideas and developers interested in building practical mix systems. The framework consists of a generic architecture structured in logical layers with a clear separation of concerns. Implementations of mix variants and supportive components are organized as plug-ins that can easily be exchanged and extended. We provide reference implementations for several well-known mix concepts
Tor HTTP Usage and Information Leakage
International audienceThis paper analyzes the web browsing behaviour of Tor users. By collecting HTTP requests we show which websites are of interest to Tor users and we determined an upper bound on how vulnerable Tor users are to sophisticated de-anonymization attacks: up to 78 % of the Tor users do not use Tor as suggested by the Tor community, namely to browse the web with TorButton. They could thus fall victim to de-anonymization attacks by merely browsing the web. Around 1% of the requests could be used by an adversary for exploit piggybacking on vulnerable file formats. Another 7 % of all requests were generated by social networking sites which leak plenty of sensitive and identifying information. Due to the design of HTTP and Tor, we argue that HTTPS is currently the only effective countermeasure against de-anonymization and information leakage for HTTP over Tor