Zhen Ling Southeast University Extensive Analysis and Large-Scale Empirical Evaluation of Tor Bridge Discovery In collaboration with Junzhou Luo, Southeast.

Presentation transcript:

Zhen Ling, Southeast University. Extensive Analysis and Large-Scale Empirical Evaluation of Tor Bridge Discovery. In collaboration with Junzhou Luo, Southeast University; Wei Yu, Towson University; Ming Yang, Southeast University; Xinwen Fu, University of Massachusetts Lowell. 31st IEEE International Conference on Computer Communications (INFOCOM), 2012

2 Outline
- Introduction
- Discovery of Tor Bridges
- Evaluation
- Summary

3 Introduction
- Tor is a popular low-latency anonymous communication system and supports TCP applications over the Internet
  - Source routing for communication privacy
  - Publicly listed on the Internet
  - Circuit

4 Tor Bridges
- Tor introduces bridges to resist censorship blocking of public Tor routers
  - Bridge information not listed on the Internet
  - Distribution via bridge https server / email server

5 How Does Tor with Bridge Work?
- Basic Components of Tor with Bridge

6 Two categories of bridge discovery
- The enumeration of bridges via bulk emails and Tor's https server
- The use of malicious middle routers to discover bridges

7 Outline
- Introduction
- Discovery of Tor Bridges
- Evaluation
- Summary

8 Basic Idea
- Email and https enumeration
  - Yahoo and gmail to
- Discovery by bad middle routers
  - Fact: a circuit passes both bridge and malicious middle router
  - Middle routers at apartments, PlanetLab or Amazon EC2

9 Enumerating Bridges via Email
- Challenge: Tor limits bridge retrieval from each email account
- 500 PlanetLab nodes and 500+ Tor exit routers as proxies to apply for accounts via iMacros
- A command-and-control architecture to send bulk emails
- A tiny POP3 client Mpop to retrieve Yahoo emails via an emulated POP3 server FreePOPs

10 Enumerating Bridges via HTTPS
- Challenge: Tor limits bridge retrieval from each class C network
- https via PlanetLab nodes using a C&C architecture
- https via Tor exit nodes using customized two-hop circuits

11 Discovering Bridges via Tor Middle Router
- Deploy malicious Tor middle routers on PlanetLab to discover bridges connected to these Tor middle routers
- Prevent malicious routers from becoming entry or exit routers automatically
  - Reduce their bandwidth or control their uptime
  - By configuring the exit policy, we can prevent those malicious routers from becoming exit routers

12 Analysis of Enumeration via Email and HTTPS
- Coupon collection problem
- Classic coupon collection problem:
  - Bridges uniformly selected
  - Collect n log(n) coupons on average to collect all of the bridges
- A weighted coupon collection problem:
  - Bridges are selected according to the bandwidth
  - Expected number of different bridges generated by these h samplings can be computed by
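An added example, not taken from the slides (the slide's own formula is not in this transcript): for h draws with replacement where bridge i is handed out with probability p_i, the textbook expectation of distinct bridges seen is the sum over i of 1 - (1 - p_i)^h. The function names, the 1000-bridge pool and the Zipf-like bandwidth weights are constructed assumptions; the comparison shows how fast a handout channel exposes its pool and how bandwidth weighting delays exposure of low-bandwidth bridges.

```python
import random

def expected_distinct(weights, h):
    """Expected number of distinct bridges seen after h draws with replacement,
    where bridge i is handed out with probability weights[i] / sum(weights)."""
    total = float(sum(weights))
    return sum(1.0 - (1.0 - w / total) ** h for w in weights)

def simulate_distinct(weights, h, trials=200, seed=1):
    """Monte Carlo check of expected_distinct: mean distinct count over trials."""
    rng = random.Random(seed)
    ids = range(len(weights))
    seen = sum(len(set(rng.choices(ids, weights=weights, k=h)))
               for _ in range(trials))
    return seen / trials

def samples_for_coverage(weights, fraction):
    """Smallest h whose expected distinct count reaches fraction * pool size."""
    if not 0.0 < fraction < 1.0:
        raise ValueError("fraction must be strictly between 0 and 1")
    target = fraction * len(weights)
    lo, hi = 0, 1
    while expected_distinct(weights, hi) < target:  # grow an upper bound
        hi *= 2
    while lo < hi:  # binary search: the expectation is monotone in h
        mid = (lo + hi) // 2
        if expected_distinct(weights, mid) >= target:
            hi = mid
        else:
            lo = mid + 1
    return lo

# Constructed pool of 1000 bridges (not measured data).
N = 1000
UNIFORM = [1.0] * N                             # classic coupon collector
SKEWED = [1000.0 / (i + 1) for i in range(N)]   # Zipf-like "bandwidth" weights

if __name__ == "__main__":
    for name, w in (("uniform", UNIFORM), ("bandwidth-weighted", SKEWED)):
        print(name,
              round(expected_distinct(w, N), 1),   # closed form, h = N
              round(simulate_distinct(w, N), 1),   # simulation, h = N
              samples_for_coverage(w, 0.9))        # draws for 90% of the pool
```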

13 Analysis of Bridge Discovery via Middle Routers
- Assume that k computers are injected into the Tor network with advertised bandwidth b
- We can get the catch probability that a TCP stream from a bridge traverses malicious middle routers
  - Catch probability increases with k and b, i.e., the total bandwidth of malicious middle routers

14 Outline
- Introduction
- Discovery of Tor Bridges
- Evaluation
- Summary

15 Enumerated Bridges via Emails

16 Enumerated Bridges via HTTPS

17 Number of Samplings vs. Number of Distinct Bridges via Emails and HTTPS

18 Discovering Bridges via ONE Tor Middle Router
- 2369 bridges in two weeks

19 Outline
- Introduction
- Discovery of Tor Bridges
- Evaluation
- Summary

20 Summary
- Extensive analysis and large-scale empirical evaluation of Tor bridge discovery via email, https and malicious Tor middle routers
- 2365 Tor bridges enumerated via email and https
- 2369 bridges discovered by only one controlled Tor middle router in just 14 days
- Countermeasure needed

21 Thank you! Xinwen Fu