Abstract:Abstract. Location hidden services have received increasing attention as a means to resist censorship and protect the identity of service operators. Research and vulnerability analysis to date has mainly focused on how to locate the hidden service. But while the hiding techniques have improved, almost no progress has been made in increasing the resistance against DoS attacks directly or indirectly on hidden services. In this paper we suggest improvements that should be easy to adopt within the existing hidden … Show more
“…In [17], Murdoch and Danezis stage an active attack to trace back connections from a server to the victim client by modulating the traffic to the victim at the server and by remotely "sensing" the modulation by probind its interference on cross traffic that is generated by one or more corrupt Tor nodes. Similarly, Øverlier and Syverson [19], [20] describe how to locate hidden servers in the Tor network with the use of a corrupt Tor node and a client node. It is pointed out that all Tor nodes are volunteer peers; it is easy to add corrupt nodes to the network.…”
In this paper, we address attacks that exploit the timing behavior of TCP and other protocols and applications in low-latency anonymity networks. Mixes have been used in many anonymous communication systems and are supposed to provide countermeasures to defeat traffic analysis attacks. In this paper, we focus on a particular class of traffic analysis attacks, flowcorrelation attacks, by which an adversary attempts to analyze the network traffic and correlate the traffic of a flow over an input link with that over an output link. Two classes of correlation methods are considered, namely time-domain methods and frequency-domain methods. Based on our threat model and known strategies in existing mix networks, we perform extensive experiments to analyze the performance of mixes. We find that all but a few batching strategies fail against flow-correlation attacks, allowing the adversary to either identify ingress and egress points of a flow or to reconstruct the path used by the flow. Counterintuitively, some batching strategies are actually detrimental against attacks. The empirical results provided in this paper give an indication to designers of Mix networks about appropriate configurations and mechanisms to be used to counter flow-correlation attacks.
“…In [17], Murdoch and Danezis stage an active attack to trace back connections from a server to the victim client by modulating the traffic to the victim at the server and by remotely "sensing" the modulation by probind its interference on cross traffic that is generated by one or more corrupt Tor nodes. Similarly, Øverlier and Syverson [19], [20] describe how to locate hidden servers in the Tor network with the use of a corrupt Tor node and a client node. It is pointed out that all Tor nodes are volunteer peers; it is easy to add corrupt nodes to the network.…”
In this paper, we address attacks that exploit the timing behavior of TCP and other protocols and applications in low-latency anonymity networks. Mixes have been used in many anonymous communication systems and are supposed to provide countermeasures to defeat traffic analysis attacks. In this paper, we focus on a particular class of traffic analysis attacks, flowcorrelation attacks, by which an adversary attempts to analyze the network traffic and correlate the traffic of a flow over an input link with that over an output link. Two classes of correlation methods are considered, namely time-domain methods and frequency-domain methods. Based on our threat model and known strategies in existing mix networks, we perform extensive experiments to analyze the performance of mixes. We find that all but a few batching strategies fail against flow-correlation attacks, allowing the adversary to either identify ingress and egress points of a flow or to reconstruct the path used by the flow. Counterintuitively, some batching strategies are actually detrimental against attacks. The empirical results provided in this paper give an indication to designers of Mix networks about appropriate configurations and mechanisms to be used to counter flow-correlation attacks.
Anonymous communications networks were born to protect the privacy of our communications, preventing censorship and traffic analysis. The most famous anonymous communication network is Tor. This anonymous communication network provides some interesting features, among them, we can mention user’s IP location or Tor Hidden Services (THS) as a mechanism to conceal the location of servers, mainly, web servers. THS is an important research field in Tor. However, there is a lack of reviews that sump up main findings and research challenges. In this article we present a systematic literature review that aims to offer a comprehensive view on the research made on Tor Hidden services presenting the state of the art and the different research challenges to be addressed. This review has been developed from a selection of 57 articles and present main findings and advances regarding Tor Hidden Services, limitations found, and future issues to be investigated.
“…While there is always a (small) chance that the victim will select the adversary's monitor peers, the adversary uses a second type of peer, an attack peer (which performs a limited type of DoS attack) to influence the victim's tiers to the adversary's benefit. Note that, in contrast to [11], the goal of the attack is to change the fast tier, not to impact the availability or reachability of the Eepsite. Finally, the adversary also uses one peer to act as a "normal" visitor to the Eepsite, querying the I2P NetDB for leaseSets and issuing HTTP requests to the Eepsite.…”
Abstract. I2P is one of the most widely used anonymizing Peer-to-Peer networks on the Internet today. Like Tor, it uses onion routing to build tunnels between peers as the basis for providing anonymous communication channels. Unlike Tor, I2P integrates a range of anonymously hosted services directly with the platform. This paper presents a new attack on the I2P Peer-to-Peer network, with the goal of determining the identity of peers that are anonymously hosting HTTP services (Eepsite) in the network. Key design choices made by I2P developers, in particular performancebased peer selection, enable a sophisticated adversary with modest resources to break key security assumptions. Our attack first obtains an estimate of the victim's view of the network. Then, the adversary selectively targets a small number of peers used by the victim with a denialof-service attack while giving the victim the opportunity to replace those peers with other peers that are controlled by the adversary. Finally, the adversary performs some simple measurements to determine the identity of the peer hosting the service. This paper provides the necessary background on I2P, gives details on the attack -including experimental data from measurements against the actual I2P network -and discusses possible solutions.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.