Title :
Predicting Tor path compromise by exit port
Author :
Bauer, Kevin ; Grunwald, Dirk ; Sicker, Douglas
Author_Institution :
Dept. of Comput. Sci., Univ. of Colorado, Boulder, CO, USA
Abstract :
Tor is currently the most popular low latency anonymizing overlay network for TCP-based applications. However, it is well understood that Tor´s path selection algorithm is vulnerable to end-to-end traffic correlation attacks since it chooses Tor routers in proportion to their perceived bandwidth capabilities. Prior work has shown that the fraction of malicious routers and the amount of adversary-controlled bandwidth are significant factors for predicting the number of paths that an adversary can compromise. We extend this prior work by identifying that the application-layer protocol being transported is also a significant factor in predicting path compromise. Through a simulation study driven by data obtained from the real Tor network, we show that ports commonly associated with peer-to-peer file sharing protocols and the simple mail transport protocol (SMTP) are significantly more vulnerable to this attack than other ports.
Keywords :
correlation methods; peer-to-peer computing; telecommunication traffic; transport protocols; TCP-based applications; Tor path compromise; Tor routers; end-to-end traffic correlation attacks; exit port; malicious routers; overlay network; peer-to-peer file sharing protocols; simple mail transport protocol; Bandwidth; Circuit simulation; Computer science; Delay; Internet; Peer to peer computing; Telecommunication traffic; Timing; Traffic control; Transport protocols;
Conference_Titel :
Performance Computing and Communications Conference (IPCCC), 2009 IEEE 28th International
Conference_Location :
Scottsdale, AZ
Print_ISBN :
978-1-4244-5737-3
DOI :
10.1109/PCCC.2009.5403852
