Presentation is loading. Please wait.

Presentation is loading. Please wait.

How Low Can You Go: Balancing Performance with Anonymity in Tor’ DC-Area Anonymity,Privacy, and Security Seminar May 10 th, 2013 Rob Jansen U.S. Naval.

Published byClaribel Preston Modified over 9 years ago

Similar presentations

Presentation on theme: "How Low Can You Go: Balancing Performance with Anonymity in Tor’ DC-Area Anonymity,Privacy, and Security Seminar May 10 th, 2013 Rob Jansen U.S. Naval."— Presentation transcript:

1 How Low Can You Go: Balancing Performance with Anonymity in Tor’ DC-Area Anonymity,Privacy, and Security Seminar May 10 th, 2013 Rob Jansen U.S. Naval Research Laboratory rob.g.jansen@nrl.navy.mil ‘PETS 2013, joint w/ John Geddes and Nick Hopper, U of Minnesota

2 This Talk in a Nutshell ● New class of induced throttling attacks – Drastically improves traffic correlation via “stealthy throughput” style attacks – Analyze attacks against ● Traffic admission control algorithms ● Congestion control algorithms

3 Anonymity with Onion Routing

4 Traffic Correlation

5

6

7

8 Traffic Correlation: Throughput Mittal et.al. CCS’11

9 Traffic Correlation: Throughput Mittal et.al. CCS’11

10 Traffic Correlation: Throughput Mittal et.al. CCS’11

11 Traffic Correlation: Throughput Induced throttling: improve correlation accuracy

12 Traffic Correlation: Latency Hopper et.al. CCS’07

13 Traffic Correlation: Latency Inject redirect or javascript Start timer Hopper et.al. CCS’07

14 Traffic Correlation: Latency Request redirected page GET Hopper et.al. CCS’07

15 Traffic Correlation: Latency Stop timer Estimate latency GET Hopper et.al. CCS’07

16 Outline ● Tor intro, traffic correlation ● Why Tor is slow ● Traffic admission control – Induced throttling attack – Effects of throughput vs induced throttling ● Congestion control – Induced throttling attack – Effects of throughput vs induced throttling

17 Tor’s Current Status ~500,000 clients ~3000 relays

18 Tor’s Current Status ~500,000 clients ~3000 1200 relays

19 Tor’s Current Status

20 Bytes Flows 2008' 2010'' ' McCoy et al. PETS 2008, '' Chaabane et al. NSS 2010 40% 58% 3% 92% 52% 36% 11% 69%

21 Tor is Slow[er] Web (320 KiB)Bulk (5 MiB)

22 Tor != Internet ● Specialized Tor performance enhancements – Reducing load: traffic admission control – Reducing load, improving utilization: congestion control

23 Outline ● Tor intro, traffic correlation ● Why Tor is slow ● Traffic admission control – Induced throttling attack – Effects of throughput vs induced throttling ● Congestion control – Induced throttling attack – Effects of throughput vs induced throttling

24 Traffic Admission Control

25 Which connections? At what rate?

26 Traffic Admission Control Which connections? At what rate? Sybil attack!

27 Traffic Admission Control

28 Sybil attack (connect only)

29 Traffic Admission Control Throughput drops to throttle rate

30 Traffic Admission Control Disconnect sybils

31 Traffic Admission Control Throughput increases

32 Induced Throttling Prototype bitsplitflag threshold Jansen et.al. USENIX Sec’12

33 Induced Throttling Results Throughput AttackInduced Throttling Attack

34 Outline ● Tor intro, traffic correlation ● Why Tor is slow ● Traffic admission control – Induced throttling attack – Effects of throughput vs induced throttling ● Congestion control – Induced throttling attack – Effects of throughput vs induced throttling

35 Congestion Control 50 cells (max 500)

36 Congestion Control SENDME 50 cells (max 500)

37 Congestion Control 500 cells

38 Congestion Control 500 cells Throughput drops to 0

39 Congestion Control 500 cells SENDME

40 Congestion Control 500 cells SENDME Throughput increases

41 Induced Throttling Prototype

42 Induced Throttling Results Raw throughput Smoothed throughput

43 Induced Throttling Results Throughput AttackInduced Throttling Attack

44 Questions? rob.g.jansen@nrl.navy.mil

Download ppt "How Low Can You Go: Balancing Performance with Anonymity in Tor’ DC-Area Anonymity,Privacy, and Security Seminar May 10 th, 2013 Rob Jansen U.S. Naval."

Similar presentations

Onions for Sale: Putting Privacy on the Market Rob Jansen Aaron Johnson Paul Syverson U.S. Naval Research Laboratory Presented by: Alessandro Acquisti.

Onions for Sale: Putting Privacy on the Market Rob Jansen Aaron Johnson Paul Syverson U.S. Naval Research Laboratory Presented by: Alessandro Acquisti.
Tor: The Second-Generation Onion Router

Tor: The Second-Generation Onion Router
LASTor: A Low-Latency AS-Aware Tor Client

LASTor: A Low-Latency AS-Aware Tor Client
PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval Prateek Mittal University of Illinois Urbana-Champaign Joint work with: Femi.

PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval Prateek Mittal University of Illinois Urbana-Champaign Joint work with: Femi.
1.  Congestion Control Congestion Control  Factors that Cause Congestion Factors that Cause Congestion  Congestion Control vs Flow Control Congestion.

1.  Congestion Control Congestion Control  Factors that Cause Congestion Factors that Cause Congestion  Congestion Control vs Flow Control Congestion.
The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network Rob Jansen et. al NDSS 2014 Presenter: Yue Li Part of slides adapted from R.

The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network Rob Jansen et. al NDSS 2014 Presenter: Yue Li Part of slides adapted from R.
LIRA: Lightweight Incentivized Routing for Anonymity Rob Jansen Aaron Johnson Paul Syverson U.S. Naval Research Laboratory 20th Annual Network & Distributed.

LIRA: Lightweight Incentivized Routing for Anonymity Rob Jansen Aaron Johnson Paul Syverson U.S. Naval Research Laboratory 20th Annual Network & Distributed.
Memory-based DoS and Deanonymization Attacks on Tor DCAPS Seminar October 11 th, 2013 Rob Jansen U.S. Naval Research Laboratory

Memory-based DoS and Deanonymization Attacks on Tor DCAPS Seminar October 11 th, 2013 Rob Jansen U.S. Naval Research Laboratory
Onion Routing Security Analysis Aaron Johnson U.S. Naval Research Laboratory DC-Area Anonymity, Privacy, and Security Seminar.

Onion Routing Security Analysis Aaron Johnson U.S. Naval Research Laboratory DC-Area Anonymity, Privacy, and Security Seminar.
How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.

How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.
Towards efficient traffic-analysis resistant anonymity networks Stevens Le Blond David Choffnes Wenxuan Zhou Peter Druschel Hitesh Ballani Paul Francis.

Towards efficient traffic-analysis resistant anonymity networks Stevens Le Blond David Choffnes Wenxuan Zhou Peter Druschel Hitesh Ballani Paul Francis.
On Traffic Analysis in Tor Guest Lecture, ELE 574 Communications Security and Privacy Princeton University April 3 rd, 2014 Dr. Rob Jansen U.S. Naval Research.

On Traffic Analysis in Tor Guest Lecture, ELE 574 Communications Security and Privacy Princeton University April 3 rd, 2014 Dr. Rob Jansen U.S. Naval Research.
The War Between Mice and Elephants Presented By Eric Wang Liang Guo and Ibrahim Matta Boston University ICNP 2001 1.

The War Between Mice and Elephants Presented By Eric Wang Liang Guo and Ibrahim Matta Boston University ICNP
Location-Aware Onion Routing Aaron Johnson U.S. Naval Research Laboratory IEEE Symposium on Security and Privacy May 19, 2015.

Location-Aware Onion Routing Aaron Johnson U.S. Naval Research Laboratory IEEE Symposium on Security and Privacy May 19, 2015.
CS541 Advanced Networking 1 Wireless Mesh Networks Neil Tang 1/26/2009.

CS541 Advanced Networking 1 Wireless Mesh Networks Neil Tang 1/26/2009.
A Usability Evaluation of the Tor Anonymity Network By Gregory Norcie.

A Usability Evaluation of the Tor Anonymity Network By Gregory Norcie.
The War Between Mice and Elephants By Liang Guo (Graduate Student) Ibrahim Matta (Professor) Boston University ICNP’2001 Presented By Preeti Phadnis.

The War Between Mice and Elephants By Liang Guo (Graduate Student) Ibrahim Matta (Professor) Boston University ICNP’2001 Presented By Preeti Phadnis.
Anonymizing Network Technologies Some slides modified from Dingledine, Mathewson, Syverson, Xinwen Fu, and Yinglin Sun Presenter: Chris Zachor 03/23/2011.

Anonymizing Network Technologies Some slides modified from Dingledine, Mathewson, Syverson, Xinwen Fu, and Yinglin Sun Presenter: Chris Zachor 03/23/2011.
Toward Understanding Congestion in Tor DC-area Anonymity, Privacy, and Security Seminar January 24 th, 2014 Rob Jansen U.S. Naval Research Laboratory *Joint.

Toward Understanding Congestion in Tor DC-area Anonymity, Privacy, and Security Seminar January 24 th, 2014 Rob Jansen U.S. Naval Research Laboratory *Joint.
CS332 Ch. 28 Spring 2014 Victor Norman. Access delay vs. Queuing Delay Q: What is the difference between access delay and queuing delay? A: I think the.

CS332 Ch. 28 Spring 2014 Victor Norman. Access delay vs. Queuing Delay Q: What is the difference between access delay and queuing delay? A: I think the.

Similar presentations

Ads by Google