MOR: Monitoring and Measurements through the Onion Router

  • Demetris Antoniades
  • Evangelos P. Markatos
  • Constantine Dovrolis
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6032)


A free and easy to use distributed monitoring and measurement platform would be valuable in several applications: monitoring network or server infrastructures, performing research experiments using many ISPs and test nodes, or checking for network neutrality violations performed by service providers. In this paper we present MOR, a technique for performing distributed measurement and monitoring tasks using the geographically diverse infrastructure of the Tor anonymizing network. Through several case studies, we show the applicability and value of MOR in revealing the structure and function of large hosting infrastructures and detecting network neutrality violations. Our experiments show that about 7.5% of the tested organizations block at least one popular application port and about 5.5% of them modify HTTP headers.


Connection Request Port Number Network Neutrality Exit Node Deep Packet Inspection 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Acquisti, A., Dingledine, R., Syverson, P.: On the Economics of Anonymity. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 84–102. Springer, Heidelberg (2003)Google Scholar
  2. 2.
    Antoniades, D., et al.: One-Click Hosting Services: A File-Sharing Hideout. In: Proceedings of the ACM/SIGCOMM conference on Internet Measurements (November 2009)Google Scholar
  3. 3.
    Athanasopoulos, E., Anagnostakis, K., Markatos, E.: Misusing Unstructured P2P Systems to Perform DoS Attacks: The Network That Never Forgets. In: Proceedings of the 4th International Conference on Applied Cryptography and Network Security (June 2006)Google Scholar
  4. 4.
    Athanasopoulos, E., et al.: GAS: Overloading a File Sharing Network as an Anonymizing System. In: Proceedings of the 2nd International Workshop on Security (2007)Google Scholar
  5. 5.
    Barth, A., Jackson, C., Mitchell, J.: Robust Defenses for Cross-Site Request Forgery. In: Proceedings of the 15th ACM conference on Computer and Communications security (2008)Google Scholar
  6. 6.
    Baset, S., Schulzrinne, H.: An Analysis of the Skype Peer-To-Peer Internet Telephony Protocol. In: IEEE International Conference on Computer Communications (2006)Google Scholar
  7. 7.
    Beverly, R., et al.: The Internet’s Not a Big Truck: Toward Quantifying Network Neutrality. In: Proceedings of the 8th Passive and Active Measurement Workshop (April 2007)Google Scholar
  8. 8.
    Borisov, N., Danezis, G., Mittal, P., Tabriz, P.: Denial of Service or Denial of Security? How Attacks on Reliability can Compromise Anonymity. In: Proceedings of the 14th ACM Conference on Computer and Communication Security (October 2007)Google Scholar
  9. 9.
    Chaum, D.L.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 24(2) (1981)Google Scholar
  10. 10.
    Chun, B., et al.: Planetlab: an overlay testbed for broad-coverage services. SIGCOMM Comput. Commun. Rev. 33(3), 3–12 (2003)CrossRefGoogle Scholar
  11. 11.
    Dingledine, R., Mathewson, N.: Anonymity Loves Company: Usability and the Network Effect. In: Proceedings of the Fifth Workshop on the Economics of Information Security (WEIS 2006) (June 2006)Google Scholar
  12. 12.
    Dingledine, R., Mathewson, N., Syverson, P.: Tor: the Second-Generation Onion Router. In: Proceedings of the 13th conference on USENIX Security Symposium (2004)Google Scholar
  13. 13.
    Evans, N., Dingledine, R., Grothoff, C.: A Practical Congestion Attack on Tor Using Long Paths. In: Proceedings of the 18th USENIX Security Symposium (August 2009)Google Scholar
  14. 14.
    Goldschlag, D.M., Reed, M.G., Syverson, P.F.: Hiding Routing Information. In: Proceedings of Information Hiding: First International Workshop (May 1996)Google Scholar
  15. 15.
    K. Loesing. Measuring The Tor Network: Evaluation of Client Requests to the Directories (2009),
  16. 16.
    McCoy, D., et al.: Shining Light in Dark Places: Understanding the Tor Network. In: Proceedings of the 8th International Symposium on Privacy Enhancing Technologies (July 2008)Google Scholar
  17. 17.
    Murdoch, S.J., Danezis, G.: Low-Cost Traffic Analysis of Tor. In: Proceedings of the 2005 IEEE Symposium on Security and Privacy (May 2005)Google Scholar
  18. 18.
    Pappas, V., et al.: Compromising Anonymity Using Packet Spinning. In: Proceedings of the 11th Information Security Conference (September 2008)Google Scholar
  19. 19.
    Reis, C., et al.: Detecting In-flight Page Changes with Web Tripwires. In: Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation (2008)Google Scholar
  20. 20.
    Snader, R., et al.: A Tune-up for Tor: Improving Security and Performance in the Tor Network. In: Proceedings of the Network and Distributed Security Symposium (February 2008)Google Scholar
  21. 21.
    Spring, N., Peterson, L., Bavier, A., Pai, V.: Using PlanetLab for Network Research: Myths, Realities, and Best Practices. SIGOPS Oper. Syst. Rev. 40(1), 17–24 (2006)CrossRefGoogle Scholar
  22. 22.

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Demetris Antoniades
    • 1
  • Evangelos P. Markatos
    • 1
  • Constantine Dovrolis
    • 2
  1. 1.Institute of Computer Science, Foundation for Research & Technology Hellas 
  2. 2.College of Computing, Georgia Institute of Technology 

Personalised recommendations