research-article

Effectiveness and detection of denial-of-service attacks in tor

Authors:

Sam Defabbia-Kane,

Marc LiberatoreAuthors Info & Claims

ACM Transactions on Information and System Security (TISSEC), Volume 15, Issue 3

Article No.: 11, Pages 1 - 25

https://doi.org/10.1145/2382448.2382449

Published: 30 November 2012 Publication History

Abstract

Tor is one of the more popular systems for anonymizing near-real-time communications on the Internet. Borisov et al. [2007] proposed a denial-of-service-based attack on Tor (and related systems) that significantly increases the probability of compromising the anonymity provided. In this article, we analyze the effectiveness of the attack using both an analytic model and simulation. We also describe two algorithms for detecting such attacks, one deterministic and proved correct, the other probabilistic and verified in simulation.

References

[1]

Bauer, K., McCoy, D., Grunwald, D., Kohno, T., and Sicker, D. 2007. Low-Resource routing attacks against Tor. In Proceedings of the ACM Workshop on Privacy in Electronic Society (WPES 07). ACM Press, 11--20.

Digital Library

[2]

Borisov, N., Danezis, G., Mittal, P., and Tabriz, P. 2007. Denial of service or denial of security&quest; How attacks on reliability can compromise anonymity. In Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS 07). ACM Press, 92--102.

Digital Library

[3]

Danezis, G. and Sassaman, L. 2003. Heartbeat traffic to counter (n-1) attacks. In Proceedings of the Workshop on Privacy in the Electronic Society (WPES 03).

Digital Library

[4]

Danner, N., Krizanc, D., and Liberatore, M. 2009. Detecting denial of service attacks in Tor. In Proceedings of the 13th International Conference on Financial Cryptography and Data Security (FC 09). Lecture Notes in Computer Science, vol. 5628, Springer, 273--284.

Digital Library

[5]

Das, A. and Borisov, N. 2011. Securing Tor tunnels under the selective DoS attack. arXiv:1107.3863v1 {cs.CR}.

[6]

Dingledine, R., Mathewson, N., and Syverson, P. 2004a. Tor: The second-generation onion router. In Proceedings of the 13th USENIX Security Symposium. 303--320.

Digital Library

[7]

Dingledine, R., Shmatikov, V., and Syverson, P. 2004b. Synchronous batching: From cascades to free routes. In Proceedings of Privacy Enhancing Technologies Workshop (PET 04). Lecture Notes in Computer Science, vol. 3424, Springer, 186--206.

Digital Library

[8]

Levine, B. N., Reiter, M. K., Wang, C., and Wright, M. K. 2004. Timing attacks in low-latency mix-based systems. In Proceedings of the 8th International Conference on Financial Cryptography (FC 04), A. Juels, Ed., Lecture Notes in Computer Science, vol. 3110, Springer, 251--265.

[9]

Murdoch, S. J. 2006. Hot or not: Revealing hidden services by their clock skew. In Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS 06). ACM Press, 27--36.

Digital Library

[10]

Murdoch, S. J. 2007. Covert channel vulnerabilities in anonymity systems. Ph.D. thesis, University of Cambridge, Cambridge, UK.

[11]

Murdoch, S. J. and Zieliński, P. 2007. Sampled traffic analysis by Internet-exchange-level adversaries. In Proceedings of the 7th Workshop on Privacy Enhancing Technologies (PET 07). N. Borisov and P. Golle, Eds., Lecture Notes in Computer Science, vol. 4776, Springer, 167--183.

Digital Library

[12]

Overlier, L. and Syverson, P. 2006. Locating hidden servers. In Proceedings of the IEEE Symposium on Security and Privacy (S&P 06). IEEE Computer Society, 100--114.

Digital Library

[13]

Reiter, M. and Rubin, A. 1998. Crowds: Anonymity for web transactions. ACM Trans. Info. Syst. Secur. 1, 1, 66--92.

Digital Library

[14]

Rennhard, M. and Plattner, B. 2002. Introducing MorphMix: Peer-to-peer based anonymous internet usage with collusion detection. In Proceedings of the ACM Workshop on Privacy in the Electronic Society (WPES 02). ACM Press, 91--102.

Digital Library

[15]

Syverson, P., Tsudik, G., Reed, M., and Landwehr, C. 2000. Towards an analysis of onion routing security. In Proceedings of the International Workshop on Designing Privacy Enhancing Technologies Design Issues in Anonymity and Unobservability. Lecture Notes in Computer Science, vol. 2009, Springer, 96--114.

Digital Library

[16]

Tabriz, P. and Borisov, N. 2006. Breaking the collusion detection mechanism of MorphMix. In Proceedings of the 6th Workshop on Privacy Enhancing Technologies (PET 06). G. Danezis and P. Golle, Eds., Lecture Notes in Computer Science, vol. 4258, Springer, 368--384.

Digital Library

[17]

Wright, M., Adler, M., Levine, B. N., and Shields, C. 2002. An analysis of the degradation of anonymous protocols. In Proceedings of the Network and Distributed System Security Symposium (NDSS 02). Internet Society, 38--50.

[18]

Wright, M., Adler, M., Levine, B. N., and Shields, C. 2003. Defending anonymous communication against passive logging attacks. In Proceedings of the Symposium on Security and Privacy. IEEE Computer Society, 28--41.

Digital Library

Cited By

Tan QWang XShi WTang JTian Z(2022)An Anonymity Vulnerability in TorIEEE/ACM Transactions on Networking10.1109/TNET.2022.317400330:6(2574-2587)Online publication date: Dec-2022
https://doi.org/10.1109/TNET.2022.3174003
Dopmann CFranck VTschorsch F(2021)Onion Pass: Token-Based Denial-of-Service Protection for Tor Onion Services2021 IFIP Networking Conference (IFIP Networking)10.23919/IFIPNetworking52078.2021.9472207(1-9)Online publication date: 21-Jun-2021
https://doi.org/10.23919/IFIPNetworking52078.2021.9472207
Chen MWang XLiu TShi JYin ZFang B(2019)SignalCookie: Discovering Guard Relays of Hidden Services in Parallel2019 IEEE Symposium on Computers and Communications (ISCC)10.1109/ISCC47284.2019.8969639(1-7)Online publication date: Jun-2019
https://doi.org/10.1109/ISCC47284.2019.8969639
Show More Cited By

Index Terms

Effectiveness and detection of denial-of-service attacks in tor
1. Security and privacy
  1. Human and societal aspects of security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Privacy policies

Recommendations

Protocol-level attacks against Tor

Tor is a real-world, circuit-based low-latency anonymous communication network, supporting TCP applications over the Internet. In this paper, we present an extensive study of protocol-level attacks against Tor. Different from existing attacks, the ...
How to Find Hidden Users: A Survey of Attacks on Anonymity Networks
Communication privacy has been a growing concern, particularly with the Internet becoming a major hub of our daily interactions. Revelations of government tracking and corporate profiling have resulted in increasing interest in anonymous communication ...
Detecting Denial of Service Attacks in Tor
Financial Cryptography and Data Security

Tor is currently one of the more popular systems for anonymizing near real-time communications on the Internet. Recently, Borisov et al. proposed a denial of service based attack on Tor (and related systems) that significantly increases the probability ...

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Information and System Security

ACM Transactions on Information and System Security Volume 15, Issue 3

November 2012

105 pages

ISSN:1094-9224

EISSN:1557-7406

DOI:10.1145/2382448

Issue’s Table of Contents

Copyright © 2012 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 30 November 2012

Accepted: 01 June 2012

Revised: 01 May 2012

Received: 01 November 2011

Published in TISSEC Volume 15, Issue 3

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

11
Total Citations
View Citations
935
Total Downloads

Downloads (Last 12 months)13
Downloads (Last 6 weeks)0

Reflects downloads up to 07 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Tan QWang XShi WTang JTian Z(2022)An Anonymity Vulnerability in TorIEEE/ACM Transactions on Networking10.1109/TNET.2022.317400330:6(2574-2587)Online publication date: Dec-2022
https://doi.org/10.1109/TNET.2022.3174003
Dopmann CFranck VTschorsch F(2021)Onion Pass: Token-Based Denial-of-Service Protection for Tor Onion Services2021 IFIP Networking Conference (IFIP Networking)10.23919/IFIPNetworking52078.2021.9472207(1-9)Online publication date: 21-Jun-2021
https://doi.org/10.23919/IFIPNetworking52078.2021.9472207
Chen MWang XLiu TShi JYin ZFang B(2019)SignalCookie: Discovering Guard Relays of Hidden Services in Parallel2019 IEEE Symposium on Computers and Communications (ISCC)10.1109/ISCC47284.2019.8969639(1-7)Online publication date: Jun-2019
https://doi.org/10.1109/ISCC47284.2019.8969639
Chen MWang XShi JGao YZhao CSun W(2019)Towards Comprehensive Security Analysis of Hidden Services Using Binding Guard RelaysInformation and Communications Security10.1007/978-3-030-41579-2_30(521-538)Online publication date: 15-Dec-2019
https://dl.acm.org/doi/10.1007/978-3-030-41579-2_30
Saleh SQadir JIlyas M(2018)Shedding Light on the Dark Corners of the Internet: A Survey of Tor ResearchJournal of Network and Computer Applications10.1016/j.jnca.2018.04.002114(1-28)Online publication date: Jul-2018
https://doi.org/10.1016/j.jnca.2018.04.002
Sangeetha KRavikumar K(2018)Defense Against Protocol Level Attack in Tor Network using Deficit Round Robin Queuing ProcessEgyptian Informatics Journal10.1016/j.eij.2018.03.00519:3(199-205)Online publication date: Nov-2018
https://doi.org/10.1016/j.eij.2018.03.005
Haughey HEpiphaniou GAl-Khateeb HDehghantanha A(2018)Adaptive Traffic Fingerprinting for Darknet Threat IntelligenceCyber Threat Intelligence10.1007/978-3-319-73951-9_10(193-217)Online publication date: 24-Apr-2018
https://doi.org/10.1007/978-3-319-73951-9_10
Palmieri P(2016)Anonymity networks and access to information during conflicts: Towards a distributed network organisation2016 8th International Conference on Cyber Conflict (CyCon)10.1109/CYCON.2016.7529439(263-275)Online publication date: May-2016
https://doi.org/10.1109/CYCON.2016.7529439
(2016)Anonymity networks and the fragile cyber ecosystemNetwork Security10.1016/S1353-4858(16)30028-92016:3(10-18)Online publication date: 1-Mar-2016
https://dl.acm.org/doi/10.1016/S1353-4858%2816%2930028-9
Conrad BShirazi FPoet RMuttukrishnan R(2014)Analyzing the Effectiveness of DoS Attacks on TorProceedings of the 7th International Conference on Security of Information and Networks10.1145/2659651.2659707(355-358)Online publication date: 9-Sep-2014
https://dl.acm.org/doi/10.1145/2659651.2659707
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Issue’s Table of Contents