Balancing Performance in Tor: Anonymity Challenges Explored

how low can you go balancing performance with n.w
1 / 44
Embed
Share

Explore the delicate balance between performance and anonymity in Tor, as discussed in a seminar by Rob Jansen. Learn about induced throttling attacks, traffic correlation, and more related to anonymity and security in online communication networks.

  • Tor
  • Anonymity
  • Privacy
  • Security
  • Traffic Correlation
rayaanacharya
bond_r Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. How Low Can You Go: Balancing Performance with Anonymity in Tor DC-Area Anonymity,Privacy, and Security Seminar May 10th, 2013 Rob Jansen U.S. Naval Research Laboratory rob.g.jansen@nrl.navy.mil PETS 2013, joint w/ John Geddes and Nick Hopper, U of Minnesota

  2. This Talk in a Nutshell New class of induced throttling attacks Drastically improves traffic correlation via stealthy throughput style attacks Analyze attacks against Traffic admission control algorithms Congestion control algorithms

  3. Anonymity with Onion Routing

  4. Traffic Correlation

  5. Traffic Correlation

  6. Traffic Correlation

  7. Traffic Correlation

  8. Traffic Correlation: Throughput Mittal et.al. CCS 11

  9. Traffic Correlation: Throughput Mittal et.al. CCS 11

  10. Traffic Correlation: Throughput Mittal et.al. CCS 11

  11. Traffic Correlation: Throughput Induced throttling: improve correlation accuracy

  12. Traffic Correlation: Latency Hopper et.al. CCS 07

  13. Traffic Correlation: Latency Inject redirect or javascript Start timer Hopper et.al. CCS 07

  14. Traffic Correlation: Latency GET Request redirected page Hopper et.al. CCS 07

  15. Traffic Correlation: Latency GET Stop timer Estimate latency Hopper et.al. CCS 07

  16. Outline Tor intro, traffic correlation Why Tor is slow Traffic admission control Induced throttling attack Effects of throughput vs induced throttling Congestion control Induced throttling attack Effects of throughput vs induced throttling

  17. ~500,000 clients Tor s Current Status ~3000 relays

  18. ~500,000 clients Tor s Current Status ~3000 1200 relays

  19. Tors Current Status

  20. Flows 3% Bytes 40% 2008' 58% 92% BitTorrent HTTP Other 11% 2010'' 52% 36% 69% ' McCoy et al. PETS 2008, '' Chaabane et al. NSS 2010

  21. Tor is Slow[er] Web (320 KiB) Bulk (5 MiB)

  22. Tor != Internet Specialized Tor performance enhancements Reducing load: traffic admission control Reducing load, improving utilization: congestion control

  23. Outline Tor intro, traffic correlation Why Tor is slow Traffic admission control Induced throttling attack Effects of throughput vs induced throttling Congestion control Induced throttling attack Effects of throughput vs induced throttling

  24. Traffic Admission Control

  25. Traffic Admission Control Which connections? At what rate?

  26. Traffic Admission Control Sybil attack! Which connections? At what rate?

  27. Traffic Admission Control

  28. Traffic Admission Control Sybil attack (connect only)

  29. Traffic Admission Control Throughput drops to throttle rate

  30. Traffic Admission Control Disconnect sybils

  31. Traffic Admission Control Throughput increases

  32. Induced Throttling Prototype bitsplit flag threshold Jansen et.al. USENIX Sec 12

  33. Induced Throttling Results j P[V =Ci]= P[V =Ci|Rj]P[G= Rj] Throughput Attack Induced Throttling Attack

  34. Outline Tor intro, traffic correlation Why Tor is slow Traffic admission control Induced throttling attack Effects of throughput vs induced throttling Congestion control Induced throttling attack Effects of throughput vs induced throttling

  35. Congestion Control 50 cells (max 500)

  36. Congestion Control SENDME 50 cells (max 500)

  37. Congestion Control 500 cells

  38. Congestion Control 500 cells Throughput drops to 0

  39. Congestion Control SENDME 500 cells

  40. Congestion Control SENDME 500 cells Throughput increases

  41. Induced Throttling Prototype

  42. Induced Throttling Results Raw throughput Smoothed throughput

  43. Induced Throttling Results j P[V =Ci]= P[V =Ci|Rj]P[G= Rj] Throughput Attack Induced Throttling Attack

  44. Questions? rob.g.jansen@nrl.navy.mil

Related


No related presentations.

More Related Content