Detecting Denial of Service Attacks in Tor

  • Norman Danner
  • Danny Krizanc
  • Marc Liberatore
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5628)


Tor is currently one of the more popular systems for anonymizing near real-time communications on the Internet. Recently, Borisov et al. proposed a denial of service based attack on Tor (and related systems) that significantly increases the probability of compromising the anonymity provided. In this paper, we propose an algorithm for detecting such attacks and examine the effectiveness of the obvious approach to evading such detection. We implement a simplified version of the detection algorithm and study whether the attack may be in progress on the current Tor network. Our preliminary measurements indicate that the attack was probably not implemented during the period we observed the network.


Anonymity reliability denial of service attack detection 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bauer, K., McCoy, D., Grunwald, D., Kohno, T., Sicker, D.: Low-resource routing attacks against tor. In: WPES ’07: Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society, pp. 11–20. ACM Press, New York (2007)CrossRefGoogle Scholar
  2. 2.
    Borisov, N., Danezis, G., Mittal, P., Tabriz, P.: Denial of service or denial of security? How attacks on reliability can compromise anonymity. In: CCS 2007: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 92–102. ACM Press, New York (2007)Google Scholar
  3. 3.
    Dingledine, R., Mathewson, N., Syverson, P.: Tor: The second-generation onion router. In: Proceedings of the 13th USENIX Security Symposium, August 2004, pp. 303–320 (2004)Google Scholar
  4. 4.
    Levine, B.N., Reiter, M.K., Wang, C., Wright, M.K.: Timing attacks in low-latency mix-based systems. In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 251–265. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  5. 5.
    Overlier, L., Syverson, P.: Locating hidden servers. In: 2006 IEEE Symposium on Security and Privacy, pp. 100–114. IEEE Computer Society Press, Los Alamitos (2006)Google Scholar
  6. 6.
    Syverson, P., Tsudik, G., Reed, M., Landwehr, C.: Towards an analysis of onion routing security. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 96–114. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  7. 7.
    Wright, M., Adler, M., Levine, B.N., Shields, C.: An analysis of the degradation of anonymous protocols. In: Proceedings of the Network and Distributed System Security Symposium (NDSS 2002), pp. 38–50. Internet Society (February 2002)Google Scholar
  8. 8.
    Wright, M., Adler, M., Levine, B.N., Shields, C.: Defending anonymous communication against passive logging attacks. In: Proceedings of the 2003 Symposium on Security and Privacy, pp. 28–41. IEEE Computer Society Press, Los Alamitos (2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Norman Danner
    • 1
  • Danny Krizanc
    • 1
  • Marc Liberatore
    • 1
  1. 1.Department of Mathematics and Computer ScienceWesleyan UniversityMiddletownUSA

Personalised recommendations