The Onion Router Hao-Lun Hsu

Slides:

Advertisements

Similar presentations

Reputation in Privacy Enhancing Technologies Paul Syverson Naval Research Laboratory URL: joint work.

Advertisements

A Probabilistic Analysis of Onion Routing in a Black-box Model 10/29/2007 Workshop on Privacy in the Electronic Society Aaron Johnson (Yale) with Joan.

A Formal Analysis of Onion Routing 10/26/2007 Aaron Johnson (Yale) with Joan Feigenbaum (Yale) Paul Syverson (NRL)

Tor: The Second-Generation Onion Router

The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network Rob Jansen et. al NDSS 2014 Presenter: Yue Li Part of slides adapted from R.

Dark net . . Invisible Web . . Hidden Web . .

Trust-based Anonymous Communication: Models and Routing Algorithms Aaron Johnson Paul Syverson Roger Dingledine Nick Mathewson U.S. Naval Research Laboratory.

On Traffic Analysis in Tor Guest Lecture, ELE 574 Communications Security and Privacy Princeton University April 3 rd, 2014 Dr. Rob Jansen U.S. Naval Research.

Privacy Protection In Grid Computing System Presented by Jiaying Shi.

1 Modeling and Analysis of Anonymous-Communication Systems Joan Feigenbaum WITS’08; Princeton NJ; June 18, 2008 Acknowledgement:

Anonymity on the Internet Jess Wilson. Anonymizing Proxy What is a proxy? – An intermediary between you and the internet How does it make you anonymous?

By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.

Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.

0x1A Great Papers in Computer Security Vitaly Shmatikov CS 380S

Anonymizing Network Technologies Some slides modified from Dingledine, Mathewson, Syverson, Xinwen Fu, and Yinglin Sun Presenter: Chris Zachor 03/23/2011.

Aaron Johnson U.S. Naval Research Laboratory CSci 6545 George Washington University 11/18/2013.

Tor (Anonymity Network) Scott Pardue. Tor Network  Nodes with routers within the network (entry, middle, exit)  Directory servers  Socket Secure (SOCKS)

Sofya Rozenblat 11/26/2012 CS 105 TOR ANONYMITY NETWORK.

© Copyright 2012 STI INNSBRUCK Tor project: Anonymity online.

CSE 486/586, Spring 2012 CSE 486/586 Distributed Systems Case Study: TOR Anonymity Network Bahadir Ismail Aydin Computer Sciences and Engineering University.

Overview  Anonymity systems  Review of how Tor works  Tor Project Inc.  Helper tools and accessories  Advanced Tor control  Attack Vectors.

The Silk Road: An Online Marketplace

The Tor Network BY: CONOR DOHERTY AND KENNETH CABRERA.

Supplemental Information on TOR (The Onion Router) CEH ed 8, Rev 4 CS3695 – Network Vulnerability Assessment & Risk Mitigation–

Strengthening Tor against Eavesdropping Correlation Attacks Robert Thomas CSCE APR 2015 Audio:

Traffic Correlation in Tor Source and Destination Prediction PETER BYERLEY RINDAL SULTAN ALANAZI HAFED ALGHAMDI.

#ABATECHSHOW PRESENTED BY: The Deep Dark Web Presenters John Simek #Idon’tTweet Amanda

ANONYMIZING / WEB PRIVACY. TOOLS: STAYING ANONYMOUS ON THE INTERNET Proxy Server Tor.

Tor Bruce Maggs relying on materials from

1 Anonymity. 2 Overview  What is anonymity?  Why should anyone care about anonymity?  Relationship with security and in particular identification 

Benjamin Knapic Nicholas Johnson.  “Tor is free software and an open network that helps you defend against a form of network surveillance that threatens.

Hiding in the Dark: The Internet You Cannot See Marc Visnick

Anonym activities: white- and blackhat applications Márk Jelasity.

17- 1 Last time ● Internet Application Security and Privacy ● Link-layer security: WEP, WPA, WPA2 ● Network-layer security: VPN, IPSec.

Systems Architecture Anonymous Key Agreement Dominik Oepen

Aaron Johnson Rob Jansen Aaron D. Jaggard Joan Feigenbaum

Improving Tor’s Security with Trust-Aware Path Selection Aaron Johnson

CS590B/690B Detecting Network Interference (Fall 2016)

CS590B/690B Detecting Network Interference (FALL 2016)

Tor Good + Evil.

Operational Technology Division

Computer Data Security & Privacy

Dark Web – the modern threat for the Internet Security

Outline Basics of network security Definitions Sample attacks

Anonymous Communication

Protocols for Anonymous Communication

Digital Forensics 2 Presented by : J.Silaa Lecture: FCI 30 Aug 2017

Performance Enhancements for Tor

Should the US government support anonymous web browsing?

Exercise ?: TOR.

Dark Web, Deep Web, and I2P Dante Taylor, Dayton Chamberlin, Kade Randall, Trevor, Tanner, Harshit Joshi, Troy.

Dark Web, I2P, and Deep Web Team 5

An Introduction to Privacy and Anonymous Communication

0x1A Great Papers in Computer Security

Anonymous Communication

Alex Guy packets (stars) tor routers users web servers (squares)

Privacy-Preserving Dynamic Learning of Tor Network Traffic

Kharavets Dmitriy, group №641301

The dark web By Riley. Sampare.

Anonymity (Privacy) Suppose you are surfing the Web.

DDoS Attack and Its Defense

Anonymous Communication

Bruce Maggs relying on materials from

Anonymous Communication

How does the deep web work?

Bruce Maggs relying on materials from

Outline Basics of network security Definitions Sample attacks

Anonymous Communication

Bruce Maggs relying on materials from

Presentation transcript:

The Onion Router Hao-Lun Hsu Taiwan Evolutionary Intelligence Laboratory 2017/3/13 Group Meeting Presentation

Outline Dark Web Onion Router Structure of the Internet Content of dark web Onion Router Onion routing Security issue

Dark Web The Internet was not designed with things like anonymity and privacy. In 1960s, U.S. navy (Naval Research Laboratory) began to develop The Onion Router (Tor). Onion Routing is a system that allows for bi-directional communications over the Internet where the source and destination cannot be determined by a mid-point. Tor的project負責人曾說：不能只有美國政府在用這套系統，不然的話下次有人看到一條匿名的連線就會說”噢，又一個CIA探員在偷看我”

Structure of Internet Deep Web/ Surface Web = 500 I2P Freenet Source: https://www.youtube.com/watch?v=mUP0tx7Ib2w

Content of Dark Web Hidden Services: .onion e.g. http://zqktlwi4fecvo6ri.onion/ Black market e.g. Drug Market Google會鎖因為會判定為DDoS

Onion Router Randomly selects 3 nodes from a list provided by a "directory node“. These nodes are arranged into a path, called a “circuit”. No node in a circuit can tell whether the node before it is the originator or another intermediary like itself. Random select 但是有congestion control Lannister Stark Baratheon Bolton Targaryen

Stark Baratheon Lannister Bolton Targaryen

Stark Baratheon Lannister Bolton Targaryen

Stark Baratheon Lannister Bolton Targaryen

Stark Baratheon Lannister Bolton Targaryen

Stark Baratheon Lannister Bolton Targaryen

Stark Baratheon Lannister Bolton Targaryen

Stark Baratheon Lannister Bolton Targaryen

Stark Baratheon Lannister 外部攻擊者必須 Bolton Targaryen

Onion Router Each node only knows its next node and previous node. The three nodes change every 10 minutes. Unless all three nodes are compromised, the user cannot be traced. (Usually, the three nodes are in three different countries) If the three nodes are compromised unfortunately, tracing the user is still hard since there are too many users.

Connection Establishment

Security Issue Exit node vulnerability Time analysis attack SSL connection between exit node and destination server Time analysis attack NSA: 木馬將Tor導向NSA控制的節點

Pros & Cons Pros Cons Real anonymity Slow (high latency) Rely on SSL connection between nodes and between a node and the destination

Reference Roger Dingledine, Nick Mathewson, Paul Syverson, Tor: The Second-Generation Onion Router Wikipedia: https://en.wikipedia.org/wiki/Onion_routing https://en.wikipedia.org/wiki/Tor_(anonymity_network) https://www.torproject.org/ https://read01.com/5BoQzE.html https://www.youtube.com/watch?v=mUP0tx7Ib2w https://www.youtube.com/watch?v=l5FRYpPwpJ0 https://www.youtube.com/watch?v=a_4aiwVdEOg https://www.youtube.com/watch?v=LAcGiLL4OZU http://iguang.tw/u/4219580/article/320257.html https://plus.google.com/+GhostAssassin/posts/CTqfYy1xVdw https://plus.google.com/+GhostAssassin/posts/eSdPCiPjnhn