DOI: 10.5555/2032162.2032170
Article

DefenestraTor: throwing out windows in Tor

Published: 27 July 2011

Abstract

Tor is one of the most widely used privacy enhancing technologies for achieving online anonymity and resisting censorship. While conventional wisdom dictates that the level of anonymity offered by Tor increases as its user base grows, the most significant obstacle to Tor adoption continues to be its slow performance. We seek to enhance Tor's performance by offering techniques to control congestion and improve flow control, thereby reducing unnecessary delays.
To reduce congestion, we first evaluate small fixed-size circuit windows and a dynamic circuit window that adaptively re-sizes in response to perceived congestion. While these solutions improve web page response times and require modification only to exit routers, they generally offer poor flow control and slower downloads relative to Tor's current design. To improve flow control while reducing congestion, we implement N23, an ATM-style per-link algorithm that allows Tor routers to explicitly cap their queue lengths and signal congestion via back-pressure. Our results show that N23 offers better congestion and flow control, resulting in improved web page response times and faster page loads compared to Tor's current design and other window-based approaches. We also argue that our proposals do not enable any new attacks on Tor users' privacy.

Published In

PETS'11: Proceedings of the 11th international conference on Privacy enhancing technologies
July 2011
285 pages
ISBN: 9783642222627
Editors: Simone Fischer-Hübner, Nicholas Hopper

Sponsors

Microsoft

Publisher

Springer-Verlag, Berlin, Heidelberg

Qualifiers

Article


Cited By

  • (2018) KIST. ACM Transactions on Privacy and Security 22:1 (1-37). DOI: 10.1145/3278121. Online publication date: 10-Dec-2018
  • (2018) Privacy-Preserving Dynamic Learning of Tor Network Traffic. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (1944-1961). DOI: 10.1145/3243734.3243815. Online publication date: 15-Oct-2018
  • (2018) Peeling the Onion's User Experience Layer. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (1290-1305). DOI: 10.1145/3243734.3243803. Online publication date: 15-Oct-2018
  • (2018) A Survey on Routing in Anonymous Communication Protocols. ACM Computing Surveys 51:3 (1-39). DOI: 10.1145/3182658. Online publication date: 12-Jun-2018
  • (2016) Mind the gap. Proceedings of the 13th Usenix Conference on Networked Systems Design and Implementation (597-610). DOI: 10.5555/2930611.2930650. Online publication date: 16-Mar-2016
  • (2016) ABRA CADABRA. Proceedings of the 2016 ACM on Workshop on Privacy in the Electronic Society (165-176). DOI: 10.1145/2994620.2994630. Online publication date: 24-Oct-2016
  • (2016) Performance and Security Improvements for Tor. ACM Computing Surveys 49:2 (1-36). DOI: 10.1145/2946802. Online publication date: 21-Sep-2016
  • (2015) A novel application classification attack against Tor. Concurrency and Computation: Practice & Experience 27:18 (5640-5661). DOI: 10.1002/cpe.3593. Online publication date: 25-Dec-2015
  • (2014) Never been KIST. Proceedings of the 23rd USENIX conference on Security Symposium (127-142). DOI: 10.5555/2671225.2671234. Online publication date: 20-Aug-2014
  • (2014) IMUX. Proceedings of the 13th Workshop on Privacy in the Electronic Society (181-190). DOI: 10.1145/2665943.2665948. Online publication date: 3-Nov-2014
