Torben
- 14 April 2015
- conference paper
- conference paper
- Published by Association for Computing Machinery (ACM)
Abstract
The Tor network has established itself as de-facto standard for anonymous communication on the Internet, providing an increased level of privacy to over a million users worldwide. As a result, interest in the security of Tor is steadily growing, attracting researchers from academia as well as industry and even nation-state actors. While various attacks based on traffic analysis have been proposed, low accuracy and high false-positive rates in real-world settings still prohibit their application on a large scale. In this paper, we present Torben, a novel deanonymization attack against Tor. Our approach is considerably more reliable than existing traffic analysis attacks, simultaneously far less intrusive than browser exploits. The attack is based on an unfortunate interplay of technologies: (a) web pages can be easily manipulated to load content from untrusted origins and (b) despite encryption, low-latency anonymization networks cannot effectively hide the size of request-response pairs. We demonstrate that an attacker can abuse this interplay to design a side channel in the communication of Tor, allowing short web page markers to be transmitted to expose the web page a user visits over Tor. In an empirical evaluation with 60,000 web pages, our attack enables detecting these markers with an accuracy of over 91% and no false positives.Keywords
Funding Information
- BMBF (INDI (FZK 16KIS0154K))
- DFG (DEVIL (RI 2469/1-1))
This publication has 9 references indexed in Scilit:
- Adversarial Examples Are Not Easily DetectedPublished by Association for Computing Machinery (ACM) ,2017
- Touching from a distancePublished by Association for Computing Machinery (ACM) ,2012
- Website fingerprinting in onion routing based anonymization networksPublished by Association for Computing Machinery (ACM) ,2011
- Website fingerprintingPublished by Association for Computing Machinery (ACM) ,2009
- Network Flow Watermarking Attack on Low-Latency Anonymous Communication SystemsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2007
- Inferring the source of encrypted HTTP connectionsPublished by Association for Computing Machinery (ACM) ,2006
- Timing Analysis in Low-Latency Mix Networks: Attacks and DefensesLecture Notes in Computer Science, 2006
- Timing Attacks in Low-Latency Mix SystemsLecture Notes in Computer Science, 2004
- Tor: The Second-Generation Onion RouterPublished by Defense Technical Information Center (DTIC) ,2004