Abstract
Hidden service is a very important feature of Tor, which supports server operators to provide a variety of Internet services without revealing their locations. A large number of users rely on Tor hidden services to protect their anonymity. Around 30,000 servers are running hidden services every day [21]. However, hidden services are particularly vulnerable to traffic analysis attacks especially when the entry guard of a hidden server is compromised by an adversary. In this paper, we propose a multipath routing scheme for Tor hidden servers (mTorHS) to defend against traffic analysis attacks. By transferring data through multiple circuits between the hidden server and a special server rendezvous point (SRP), mTorHS is able to exploit flow splitting and flow merging to eliminate inter-cell correlations of the original flow. Experiments on the Shadow simulator [11] show that our scheme can effectively mitigate the risk of traffic analysis even when robust watermarking techniques are used.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
AlSabah, M., Bauer, K., Elahi, T., Goldberg, I.: The path less travelled: overcoming Tor’s bottlenecks with traffic splitting. In: De Cristofaro, E., Wright, M. (eds.) PETS 2013. LNCS, vol. 7981, pp. 143–163. Springer, Heidelberg (2013)
AlSabah, M., Bauer, K., Goldberg, I., Grunwald, D., McCoy, D., Savage, S., Voelker, G.M.: DefenestraTor: throwing out windows in Tor. In: Fischer-Hübner, S., Hopper, N. (eds.) PETS 2011. LNCS, vol. 6794, pp. 134–154. Springer, Heidelberg (2011)
Berthold, O., Federrath, H., Köpsell, S.: Web MIXes: a system for anonymous and unobservable internet access. In: Federrath, H. (ed.) Anonymity 2000. LNCS, vol. 2009, pp. 115–129. Springer, Heidelberg (2001)
Biryukov, A., Pustogarov, I., Weinmann, R.: Trawling for Tor hidden services: detection, measurement, deanonymization. In: 2013 IEEE Symposium on Security and Privacy (SP), pp. 80–94. IEEE (2013)
Dingledine, R., Mathewson, N., Syverson, P.: Tor: the second-generation onion router. In: Proc. of the 13th USENIX Security Symposium (2004)
Elahi, T., Bauer, K., AlSabah, M., Dingledine, R., Goldberg, I.: Changing of the guards: a framework for understanding and improving entry guard selection in Tor. In: Proceedings of the 2012 ACM Workshop on Privacy in the Electronic Society, pp. 43–54. ACM (2012)
Hopper, N.: Challenges in protecting tor hidden services from botnet abuse. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 316–325. Springer, Heidelberg (2014)
Houmansadr, A., Borisov, N.: Swirl: a scalable watermark to detect correlated network flows. In: Proceedings of the Network and Distributed Security Symposium - NDSS 2011. Internet Society, February 2011
Houmansadr, A., Kiyavash, N., Borisov, N.: Rainbow: a robust and invisible non-blind watermark for network flows. In: Proceedings of the Network and Distributed Security Symposium - NDSS 2009. Internet Society, February 2009
Anonymizer Inc. Anonymizer. https://www.anonymizer.com/
Jansen, R., Hopper, N.: Shadow: running Tor in a box for accurate and efficient experimentation. In: Proceedings of the Network and Distributed System Security Symposium - NDSS 2012, February 2012
Johnson, A., Wacek, C., Jansen, R., Sherr, M., Syverson, P.: Users get routed: traffic correlation on Tor by realistic adversaries. In: Proceedings of the 20th ACM Conference on Computer and Communications Security (2013)
Kiyavash, N., Houmansadr, A., Borisov, N.: Multi-flow attacks against network flow watermarking schemes. In: USENIX Security Symposium (2008)
Ling, Z., Luo, J., Yu, W., Fu, X., Xuan, D., Jia, W.: A new cell counter based attack against Tor. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 578–589. ACM (2009)
Murdoch, S.J.: Hot or not: revealing hidden services by their clock skew. In: Proc. of the 13th ACM Conf. on Computer and Communications Security (2006)
Øverlier, L., Syverson, P.: Locating hidden servers. In: Proceedings of the 2006 IEEE Symposium on Security and Privacy, May 2006
Pfitzmann, A., Waidner, M.: Networks without user observability. Computers & Security 6(2), 158–166 (1987)
Shmatikov, V., Wang, M.-H.: Timing analysis in low-latency mix networks: attacks and defenses. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol. 4189, pp. 18–33. Springer, Heidelberg (2006)
Tang, C., Goldberg, I.: An improved algorithm for Tor circuit scheduling. In: Proc. of the 2010 ACM Conf. on Computer and Communications Security (2010)
TorProject. Estimated Number of Clients in the Tor Network. https://metrics.torproject.org/clients-data.html
TorProject. Unique .onion Address. https://metrics.torproject.org/hidserv-dir-onions-seen.html
Wang, T., Bauer, K., Forero, C., Goldberg, I.: Congestion-aware path selection for Tor. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 98–113. Springer, Heidelberg (2012)
Wang, X., Chen, S., Jajodia, S.: Network flow watermarking attack on low-latency anonymous communication systems. In: IEEE Symposium on Security and Privacy, SP 2007, pp. 116–130. IEEE (2007)
Yang, L., Li, F.: mTor: a multipath Tor routing beyond bandwidth throttling. In: 2015 IEEE Conference on Communications and Network Security (CNS). IEEE (2015)
Zander, S., Murdoch, S.J.: An improved clock-skew measurement technique for revealing hidden services. In: USENIX Security Symposium (2008)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Yang, L., Li, F. (2015). Enhancing Traffic Analysis Resistance for Tor Hidden Services with Multipath Routing. In: Thuraisingham, B., Wang, X., Yegneswaran, V. (eds) Security and Privacy in Communication Networks. SecureComm 2015. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 164. Springer, Cham. https://doi.org/10.1007/978-3-319-28865-9_20
Download citation
DOI: https://doi.org/10.1007/978-3-319-28865-9_20
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-28864-2
Online ISBN: 978-3-319-28865-9
eBook Packages: Computer ScienceComputer Science (R0)