Performance Enhancements for Tor

Presentation transcript:

Performance Enhancements for Tor DC Anonymity, Privacy, Security Seminar October 26, 2012 Rob Jansen U.S. Naval Research Laboratory rob.g.jansen@nrl.navy.mil

Tor: The Onion Router Client Relays Server

Tor is Slow! ~300,000 clients ~3000 relays

Tor is Slow!

Research Question: How can we improve Tor client performance while preserving privacy? Reduce load: throttling. Improve utilization: scheduling. Increase capacity: incentives for new relays.

Bytes Flows 3% 40% 2008' 58% 92% 11% 2010'' 52% 36% 69% (' McCoy et al., PETS 2008; '' Chaabane et al., NSS 2010)

Throttling Clients Guard

Throttling Algorithms. Criteria: Which connections? At what rate? Constraints: Use only local information.

Adapt Rate. Bit-split: fair bandwidth allocation. 1200 KiB/s, 300 KiB/s

Adapt Connections. Flag: aggressively throttle bulk connections. 50 KiB/s

Adapt Rate and Connections. Threshold: throttle the loudest connections. Threshold = 50%, 40 KiB/s

Performance Results Web Bulk

Anonymity Results: Learn circuit throughput. Learn throttle rate.

Tor Circuit Scheduling Circuit Inputs Output ?

Tor Circuit Scheduling Round-robin ?

Tor Circuit Scheduling Round-robin Exponentially-weighted Moving Average (EWMA) ?

Tor Circuit Scheduling Round-robin Exponentially-weighted Moving Average (EWMA) Proportional Differentiation (DiffServ) ?

DiffServ, Single-Circuit: Proportional Delay Web Bulk

DiffServ, Single-Circuit: Proportional Throughput Web Bulk

Full-Network Results Web Bulk

Shadow: Model the Internet. Manage virtual nodes: time, network, cpu, crypto. Real applications. Function interposition. Context switching. Shadow Memory Space, Tor Memory Space.

Questions?