LASTor: A Low-Latency AS-Aware Tor Client Masoud Akhoondi, Curtis Yu, Harsha V. Madhyastha.


1 LASTor: A Low-Latency AS-Aware Tor Client Masoud Akhoondi, Curtis Yu, Harsha V. Madhyastha

2 Tor (The onion router)
Diagram labels: S, D, R1, R2, R3
400,000 users, 2700 relays
Anonymity: each hop only knows previous and next hop on a path
Low latency communication: 90% of Tor traffic is interactive [Mccoy08]

3 How are latencies on Tor?
Experiment:
– Sources: 50 PlanetLab nodes spread across globe
– Destinations: Top 200 websites
5x inflation in median

4 Profiling attack on Tor
Diagram labels: S, Entry relay, Relay 2, Exit relay, D, Entry segment, Exit segment
Green AS (Autonomous System) can eavesdrop on both end segments of path [Murdoch07]

5 How severe is the profiling attack?
65% of relays are in 20% of all ASes
Non-uniform distribution of relays across ASes

6 Potential solution for these problems
Measure latencies and routes from each relay to all end-hosts [Sherr09, Alsabah11, Mittall11]
– Requires modification of relays
None of these proposals deployed yet
– Non-trivial to implement

7 Main insight: Client modifications suffice
Improve poor latency for interactive communications
Mitigate profiling attack
LASTor: A low-latency AS-aware Tor client

8 Main insight: Client modifications suffice
Solution: Modified path selection to reduce latency
Solution: AS-aware path selection
Improve poor latency for interactive communications
Mitigate profiling attack

9 Sources of latency on Tor
Queuing and processing delay
– Congestion in relays [Panchenko09]
Propagation delay
– Long paths
Diagram labels: S, D
Goal: Improve latency

10 Shortest path vs. Default Tor
Destinations:
– Top 200 websites
Sources:
– 50 PlanetLab nodes spread across globe
Map relays to geographical locations
Shorter paths can greatly reduce latency
50% improvement in median
Path should not be deterministic: Weighted Shortest Path (WSP)

11 Weighted Shortest Path (WSP)
WSP computes length of all possible paths
Probability of choosing a path is inversely proportional to its length
Path    Length  Prob.
Upper
Lower   10      0.44

12 An Attack on WSP
Attacker controls a relay
                   Original prob.  Prob.
Compromised paths
Other paths

13 Solution: Clustering of relays
Run WSP using clusters of relays
For chosen cluster-level path, randomly pick a relay in each cluster

14 Solution: Clustering of relays
                   Prob.
Compromised paths  0.56
Other paths        0.44

15 Weighted Shortest Path (WSP)
Preprocessing
– Cluster all relays
Path selection
– Computes length of possible paths using clusters
– Choose a path with a probability inversely proportional to its length
– Pick a relay randomly in each chosen cluster
Other issues (see paper)
– Handling multi-location destinations
– Choosing entry relays

16 WSP reduces latency
50 PlanetLab nodes to top 200 websites
20% improvement in 80th percentile
25% improvement in median

17 Tunable path selection in LASTor
Modify WSP to consider user's preference towards:
– Anonymity
– Latency
Single parameter α configured by user:
– Modified weight w to w^(1-α) where 0 ≤ α ≤ 1
– Scale for α: 0 (lowest latency) to 1 (highest anonymity)

18 Tunable path selection in LASTor
Gini coefficient: measure of inequality in a distribution
– 0: perfect equality
– 1: maximal inequality
Lower α, lower latency
Higher α, higher anonymity
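Added example, not part of the original slides or the LASTor code: a Python implementation of cluster-level WSP with the α tuning from slides 15 to 18. The cluster names, coordinates and relay names are constructed, great-circle distance stands in for path length, each hop uses a distinct cluster, and the Gini coefficient is taken over path probabilities; all of these are assumptions.

```python
import itertools
import math
import random

# Constructed sample data: cluster name -> (centroid (lat, lon), member relays).
CLUSTERS = {
    "frankfurt": ((50.1, 8.7), ["relayA", "relayB", "relayC"]),
    "new-york": ((40.7, -74.0), ["relayD", "relayE"]),
    "tokyo": ((35.7, 139.7), ["relayF"]),
    "sao-paulo": ((-23.5, -46.6), ["relayG", "relayH"]),
}
SRC, DST = (48.9, 2.4), (51.5, -0.1)  # constructed client and destination locations

def distance_km(a, b):
    """Great-circle (haversine) distance between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(h))

def path_probabilities(src, dst, alpha, clusters=CLUSTERS):
    """Cluster-level WSP: weight w = 1/length, tuned to w ** (1 - alpha)."""
    weights = {}
    for path in itertools.permutations(clusters, 3):  # entry, middle, exit clusters
        hops = [src] + [clusters[c][0] for c in path] + [dst]
        length = sum(distance_km(p, q) for p, q in zip(hops, hops[1:]))
        weights[path] = (1.0 / length) ** (1.0 - alpha)
    total = sum(weights.values())
    return {path: w / total for path, w in weights.items()}

def choose_path(src, dst, alpha, rng, clusters=CLUSTERS):
    """Draw a cluster-level path, then pick one relay at random in each cluster."""
    probs = path_probabilities(src, dst, alpha, clusters)
    paths = list(probs)
    chosen = rng.choices(paths, weights=[probs[p] for p in paths])[0]
    return [rng.choice(clusters[c][1]) for c in chosen]

def gini(values):
    """Gini coefficient: 0 is perfect equality, 1 is maximal inequality."""
    xs = sorted(values)
    n = len(xs)
    ranked = sum((i + 1) * x for i, x in enumerate(xs))
    return 2 * ranked / (n * sum(xs)) - (n + 1) / n

if __name__ == "__main__":
    for alpha in (0.0, 0.5, 1.0):
        probs = path_probabilities(SRC, DST, alpha)
        print(alpha, round(gini(probs.values()), 3),
              choose_path(SRC, DST, alpha, random.Random(7)))
```

In this code, adding relays to a cluster leaves the cluster-level path probabilities unchanged, and at α = 1 every cluster-level path is equally likely.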

19 Main insight: Client modifications suffice
Solution: Modified path selection to reduce latency
Solution: AS-aware path selection
Improve poor latency for interactive communications
Mitigate profiling attack

20 Profiling attack on a path
Diagram labels: S, Entry relay, Relay 2, Exit relay, D, Entry segment, Exit segment
Green AS (Autonomous System) can eavesdrop on both end segments of path [Murdoch07]
Goal: Detect common ASes on entry and exit segments
Goal: AS-aware

21 Simple heuristic does not work
Default Tor ensures no two Tor relays in same /16
False negative: fraction of paths with common AS not detected
57% of common AS instances are missed

22 Need for predicting AS paths
Approach 1: Measure routes from relays to all end hosts
– Need to modify relays
Approach 2: Infer AS-level routes
– Several techniques exist [Mao05, Madhyastha06, Madhyastha09, Lee11]
– At best 70% accuracy
Diagram labels: Exit relay, D

23 Our solution: AS set prediction
Predict ASes on all paths compliant with routing policies
Diagram labels: Exit relay, D

24 Our solution: AS set prediction
Predict ASes on all paths compliant with routing policies
Diagram labels: Exit relay, D

25 Our solution: AS set prediction
Input [13MB initially, 1.5MB weekly]
– Topology graph at AS-level
– Estimate of AS path length
– Compact representation of routing policies: Triple of (AS1, AS2, AS3) where AS1  AS2  AS3
Algorithm
– Modified version of Dijkstra's algorithm
Output
– Set of ASes on policy-compliant routes

26 AS set based prediction is accurate
11% of common AS instances are missed
57% of common AS instances are missed
False negative: fraction of paths with common AS not detected
Any path selection algorithm can use AS set prediction to avoid profiling attack
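Added example, not from the slides or the LASTor code: the AS-set check from slides 20 to 26, with a brute-force path enumeration standing in for the modified Dijkstra's algorithm the slides name. The AS numbers, topology, triples and hop limit are constructed, and reading a triple (a, b, c) as "b forwards traffic from a to c" is an assumption.

```python
# Constructed AS-level topology; AS numbers are from the documentation range.
EDGES = [(64496, 64500), (64496, 64501), (64500, 64497), (64501, 64497),
         (64498, 64500), (64498, 64502), (64500, 64499), (64502, 64499),
         (64503, 64502), (64503, 64500)]
TOPOLOGY = {}
for a, b in EDGES:
    TOPOLOGY.setdefault(a, set()).add(b)
    TOPOLOGY.setdefault(b, set()).add(a)

# Constructed routing-policy triples. Assumption: (a, b, c) means b forwards a -> c.
TRIPLES = {
    (64496, 64500, 64497), (64496, 64501, 64497),  # client AS to entry relay AS
    (64498, 64500, 64499), (64498, 64502, 64499),  # exit relay AS 64498 to destination
    (64503, 64502, 64499),                         # exit relay AS 64503 to destination
}

def predict_as_set(src, dst, max_hops, topology=TOPOLOGY, triples=TRIPLES):
    """Every AS on some loop-free, policy-compliant path src -> dst of <= max_hops."""
    found = set()

    def walk(path):
        if path[-1] == dst:
            found.update(path)
            return
        if len(path) - 1 >= max_hops:
            return
        for nxt in topology.get(path[-1], ()):
            if nxt in path:
                continue  # no loops
            if len(path) >= 2 and (path[-2], path[-1], nxt) not in triples:
                continue  # this three-AS sequence is not allowed by policy
            walk(path + [nxt])

    walk([src])
    return found

def common_ases(client, entry, exit_, dest, max_hops=3, **kw):
    """ASes predicted on both the entry segment and the exit segment."""
    entry_set = predict_as_set(client, entry, max_hops, **kw)
    exit_set = predict_as_set(exit_, dest, max_hops, **kw)
    return entry_set & exit_set

if __name__ == "__main__":
    print(common_ases(64496, 64497, 64498, 64499))  # exit relay in AS 64498
    print(common_ases(64496, 64497, 64503, 64499))  # exit relay in AS 64503
```

A path selector would reject the first entry/exit pair because AS 64500 appears in both predicted sets, even though each segment also has a route that avoids it.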

27 LASTor Latency PlanetLab nodes to top 200 websites

28 Summary
Demonstrated client side changes are sufficient for:
– Lower latency
– Higher anonymity
Designed and implemented LASTor
– Reduces median latency by 25%
– Reduces median false negative of common AS from 57% to 11%

29 Thank you

30 How does Tor work? (Onion Routing)
Diagram labels: Client, Server, R1, R2, R3, R4, R5, Entry Relay (guard), Middle Relay, Exit Relay
,000 users relays

31 Is distance a good estimation of latency?
Choose two different paths:
– WSP(latency)
– WSP(distance)
Measure latency on these two paths
There is no significant difference between these two metrics
PlanetLab nodes as source and top 200 websites as destination

32 Accuracy of AS-set prediction algorithm

33 Attack on WSP
Clustering of relays reduces:
– Probability of the attack
– Running time of WSP
Adversary replicates 10% most popular relays 25 times
Compute probability of the chosen path traversing a malicious relay
50% reduction

