• DocumentCode
    612030
  • Title

    Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization

  • Author

    Biryukov, A. ; Pustogarov, I. ; Weinmann, R.

  • Author_Institution
    Univ. of Luxembourg, Luxembourg, Luxembourg
  • fYear
    2013
  • fDate
    19-22 May 2013
  • Firstpage
    80
  • Lastpage
    94
  • Abstract
    Tor is the most popular volunteer-based anonymity network consisting of over 3000 volunteer-operated relays. Apart from making connections to servers hard to trace to their origin it can also provide receiver privacy for Internet services through a feature called "hidden services". In this paper we expose flaws both in the design and implementation of Tor\´s hidden services that allow an attacker to measure the popularity of arbitrary hidden services, take down hidden services and deanonymize hidden services. We give a practical evaluation of our techniques by studying: (1) a recent case of a botnet using Tor hidden services for command and control channels; (2) Silk Road, a hidden service used to sell drugs and other contraband; (3) the hidden service of the DuckDuckGo search engine.
  • Keywords
    Internet; data privacy; search engines; DuckDuckGo search engine; Internet service privacy; Silk Road; Tor hidden services; arbitrary hidden services; command and control channels; deanonymize hidden services; volunteer based anonymity network; volunteer operated relays; Bandwidth; IP networks; Malware; Privacy; Relays; Servers; Web and internet services; Tor; anonymity network; hidden services; privacy;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Security and Privacy (SP), 2013 IEEE Symposium on
  • Conference_Location
    Berkeley, CA
  • ISSN
    1081-6011
  • Print_ISBN
    978-1-4673-6166-8
  • Electronic_ISBN
    1081-6011
  • Type

    conf

  • DOI
    10.1109/SP.2013.15
  • Filename
    6547103