
1 Extensive Analysis and Large-Scale Empirical Evaluation of Tor Bridge Discovery
Zhen Ling, Southeast University
In collaboration with:
- Junzhou Luo, Southeast University
- Wei Yu, Towson University
- Ming Yang, Southeast University
- Xinwen Fu, University of Massachusetts Lowell
31st IEEE International Conference on Computer Communications (INFOCOM), 2012

2 Outline
- Introduction
- Discovery of Tor Bridges
- Evaluation
- Summary

3 Introduction
- Tor is a popular low-latency anonymous communication system and supports TCP applications over the Internet
  - Source routing for communication privacy
  - Publicly listed on the Internet
  - Circuit

4 Tor Bridges
- Tor introduces bridges to resist censorship blocking of public Tor routers
  - Bridge information is not listed on the Internet
  - Distribution via bridge https server / email server

5 How Does Tor with Bridge Work?
- Basic Components of Tor with Bridge

6 Two categories of bridge-discovery
- The enumeration of bridges via bulk emails and Tor's https server
- The use of malicious middle routers to discover bridges

7 Outline
- Introduction
- Discovery of Tor Bridges
- Evaluation
- Summary

8 Basic Idea
- Email and https enumeration
  - Yahoo and Gmail to bridges@torproject.org
  - https://bridges.torproject.org/
- Discovery by bad middle routers
  - Fact: a circuit passes both bridge and malicious middle router
  - Middle routers at apartments, PlanetLab or Amazon EC2

9 Enumerating Bridges via Email
- Challenge: Tor limits bridge retrieval from each email account
- 500 PlanetLab nodes and 500+ Tor exit routers as proxies to apply for 2000 email accounts via iMacros
- A command-and-control architecture to send bulk emails
- A tiny POP3 client, Mpop, to retrieve Yahoo emails via an emulated POP3 server, FreePOPs

10 Enumerating Bridges via HTTPS
- Challenge: Tor limits bridge retrieval from each class C network
- https via PlanetLab nodes using a C&C architecture
- https via Tor exit nodes using customized two-hop circuits

11 Discovering Bridges via Tor Middle Router
- Deploy malicious Tor middle routers on PlanetLab to discover bridges connected to these Tor middle routers
- Prevent malicious routers from becoming entry or exit routers automatically
  - Reduce their bandwidth or control their uptime
  - By configuring the exit policy, we can prevent those malicious routers from becoming exit routers

12 Analysis of Enumeration via Email and HTTPS
- Coupon collection problem
- Classic coupon collection problem:
  - Bridges uniformly selected
  - Collect n log(n) coupons on average to collect all of the bridges
- A weighted coupon collection problem:
  - Bridges are selected according to the bandwidth
  - Expected number of different bridges generated by these h samplings can be computed by
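The formula for slide 12 did not survive in this transcript. The following is an added example, not taken from the presentation: it assumes the textbook model in which each sampling independently returns one bridge with probability proportional to its bandwidth weight, and uses constructed pools to show how weighting changes the exposure a distributor's rate limit has to bound.

```python
def expected_distinct(weights, h):
    """Expected distinct bridges seen after h independent samplings,
    each returning bridge i with probability w_i / sum(w) (assumed model)."""
    total = float(sum(weights))
    return sum(1.0 - (1.0 - w / total) ** h for w in weights)


def expected_draws_uniform(n):
    """Exact expected samplings to see all n bridges when selection is
    uniform: n * H_n, which grows like the slide's n log(n)."""
    return n * sum(1.0 / k for k in range(1, n + 1))


def samplings_for_coverage(weights, fraction):
    """Smallest h whose expected coverage reaches `fraction` of the pool.
    Useful for sizing per-requester limits against a target exposure."""
    if not 0.0 < fraction < 1.0:
        raise ValueError("fraction must be strictly between 0 and 1")
    target = fraction * len(weights)
    lo, hi = 0, 1
    while expected_distinct(weights, hi) < target:   # find an upper bound
        hi *= 2
    while lo < hi:                                   # binary search on h
        mid = (lo + hi) // 2
        if expected_distinct(weights, mid) >= target:
            hi = mid
        else:
            lo = mid + 1
    return lo


# Constructed pools of 100 bridges (illustrative weights, not measured data).
UNIFORM = [1] * 100
SKEWED = [100] * 10 + [1] * 90   # ten high-bandwidth bridges dominate selection

if __name__ == "__main__":
    for name, pool in (("uniform", UNIFORM), ("skewed", SKEWED)):
        print(name,
              "distinct after 100 samplings: %.1f" % expected_distinct(pool, 100),
              "samplings for 50%% coverage: %d" % samplings_for_coverage(pool, 0.5))
    print("uniform, all 100 bridges: %.0f samplings" % expected_draws_uniform(100))
```

Under this model the high-weight bridges are exposed after very few samplings while the low-weight tail takes far longer, so coverage per sampling is lower than in the uniform case.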

13 Analysis of Bridge Discovery via Middle Routers
- Assume that k computers are injected into the Tor network with advertised bandwidth b
- We can get the catch probability that a TCP stream from a bridge traverses malicious middle routers
  - Catch probability increases with k and b, i.e., the total bandwidth of malicious middle routers

14 Outline
- Introduction
- Discovery of Tor Bridges
- Evaluation
- Summary

15 Enumerated Bridges via Emails

16 Enumerated Bridges via HTTPS

17 Number of Samplings vs. Number of Distinct Bridges via Emails and HTTPS

18 Discovering Bridges via ONE Tor Middle Router
- 2369 bridges in two weeks

19 Outline
- Introduction
- Discovery of Tor Bridges
- Evaluation
- Summary

20 Summary
- Extensive analysis and large-scale empirical evaluation of Tor bridge discovery via email, https and malicious Tor middle routers
- 2365 Tor bridges enumerated via email and https
- 2369 bridges discovered by only one controlled Tor middle router in just 14 days
- Countermeasure needed

21 Thank you!

