Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy-Preserving Dynamic Learning of Tor Network Traffic

Published byἩρὼ Αποστολίδης Modified over 5 years ago

Similar presentations

Presentation on theme: "Privacy-Preserving Dynamic Learning of Tor Network Traffic"— Presentation transcript:

1 Privacy-Preserving Dynamic Learning of Tor Network Traffic
Rob Jansen, U.S. Naval Research Laboratory Matthew Traudt, U.S. Naval Research Laboratory Nicholas Hopper, University of Minnesota Rob Jansen Center for High Assurance Computer Systems U.S. Naval Research Laboratory 25th Conference on Computer and Communication Security Beanfield Centre, Toronto, Canada October 18th, 2018

2 Main Contributions Safely Measure Tor Learn Tor Traffic w/ HMMs
Evaluate Traffic Models Build Traffic Models PrivCount Protocol Single File U.S. Naval Research Laboratory

3 Motivation

4 Tor is Popular The most popular deployed anonymous comm. system
~2*-8** million daily users ~6,400 volunteer relays* Transferring ~125 Gbit/s* Onion service adoption: *as of **IMC’18 U.S. Naval Research Laboratory

5 Tor Protects User Privacy
Anonymous Communication Tor separates identification from routing to provide unlinkable communication Protects user privacy and safety online = Circuit = Stream U.S. Naval Research Laboratory

6 Tor is Open and Transparent
Tor follows an open & transparent development process Open source Open communication Anyone can contribute A significant body of research > 4k citations A major research area for many prominent universities Many masters and doctoral theses focus on a Tor or a Tor-related research topic U.S. Naval Research Laboratory

7 Chutney/NetMirage/ExpTor:
Tor Experimentation Tor research depends on Tor experimentation tools to: Evaluate research design changes and trade-offs Test effects across a range of deployment scenarios and network conditions Reproduce research results Shadow: Network Simulation Chutney/NetMirage/ExpTor: Network Emulation U.S. Naval Research Laboratory

8 How to Generate Tor Traffic
How do we currently produce traffic in private Tor networks? Standard: download single file (static webpage size) Using a single file model fails to capture: Content length distribution Website structural dependencies (embedded objects) Temporal dynamics (async and bidirectional protocols) Destination diversity (CDNs, third party content) Tor protocol dynamics (processing of circuits and streams) Single File U.S. Naval Research Laboratory

9 Research Question and Contributions
How can we generate more accurate traffic flows for use in Tor experimentation tools and research? In this work, we: Use PrivCount to safely measure “ground truth” Tor statistics Learn generative models of Tor traffic (packets and streams) using hidden Markov modeling and iterative measurement Create traffic generation tools for private Tor networks Evaluate new traffic generation models against ground truth U.S. Naval Research Laboratory

10 Tor Measurement

11 PrivCount Measurement System
PrivCount: a privacy-preserving counting system Designed to safely collect useful Tor statistics [CCS’16] Based on the PrivEx secret sharing protocol [CCS’14] PrivCount security goals: Forward privacy: adversary cannot learn state of measurement before time of compromise Secure aggregation across all measurement nodes Measurement results are differentially private to protect user actions U.S. Naval Research Laboratory

12 PrivCount Deployment We deployed PrivCount on the public Tor network
U.S. Naval Research Laboratory

13 PrivCount Measurement Types
We used PrivCount to safely measure various Tor statistics U.S. Naval Research Laboratory

14 Results: Streams per Circuit
U.S. Naval Research Laboratory

15 Learning Tor Traffic

16 Learn Traffic with Hidden Markov Modeling
Use exit relay observations and PrivCount to safely learn HMM stream and packet models of live Tor traffic Exits can observe: Stream model events Circuit opened, stream created, circuit closed Packet model events Stream opened, packet transferred (directional), stream closed Both models Inter-event timing (relative time since previous observed event) U.S. Naval Research Laboratory

17 Hidden Markov Modeling: Overview
HMM: encode delay distributions on emission edges State-to-state transitions (circuit opened) (circuit closed) State-to-observation emissions U.S. Naval Research Laboratory

18 Hidden Markov Modeling: Process
Bootstrap HMM Safely measure HMM path frequencies with PrivCount Observe inter-stream delays Most likely HMM path (Viterbi) Count HMM frequencies Update HMM probs. using weight parameter AS 2500 TCP Flow TCP Flow Cluster flows, train initial HMM TCP Flow TCP Flow U.S. Naval Research Laboratory

19 Hidden Markov Modeling: Results
Fraction of observed sequences more likely under model x than under model y U.S. Naval Research Laboratory

20 Evaluation

21 Traffic Generator and Models
Build traffic generator (tgen) Based on action-dependency graph Creates TCP connections and transfers data Create tgen model configs (dependency graphs) Single file model (standard) PrivCount model (HMM results) Protocol model (HTTP archive, BitTorrent) U.S. Naval Research Laboratory

22 Model Evaluation Use Shadow (private Tor network)
Created Internet latency model Used RIPE Atlas, ~5 million pings Est. latency between 1,813 cities Run all 3 tgen models in Shadow Use our PrivCount version of Tor, record PrivCount events Run event traces through local PrivCount deployment Compare to previously collected “ground truth” U.S. Naval Research Laboratory

23 Model Comparison Results
Compared PrivCount stats across models and public Tor Used earth mover’s distance as a metric, cumulative dist.: Single: 703%, Protocol: 1001%, PrivCount: 408% U.S. Naval Research Laboratory

24 Talk Summary Contributions Extensions and future work Contact
Safely measure Tor, learn Tor traffic using HMMs, build traffic models, evaluate traffic models in Shadow All code merged into PrivCount and Shadow Data, code, and details at Extensions and future work Measure traffic models over longer timescales Create and measure a circuit creation model Further explore effect of traffic fidelity on research results Contact U.S. Naval Research Laboratory

25 Backup Slides

26 HMM Process U.S. Naval Research Laboratory

27 Action Bounds U.S. Naval Research Laboratory

28 Overhead U.S. Naval Research Laboratory

Download ppt "Privacy-Preserving Dynamic Learning of Tor Network Traffic"

Similar presentations

Tor: The Second-Generation Onion Router

Tor: The Second-Generation Onion Router
LASTor: A Low-Latency AS-Aware Tor Client

LASTor: A Low-Latency AS-Aware Tor Client
Trust-based Anonymous Communication: Models and Routing Algorithms Aaron Johnson Paul Syverson Roger Dingledine Nick Mathewson U.S. Naval Research Laboratory.

Trust-based Anonymous Communication: Models and Routing Algorithms Aaron Johnson Paul Syverson Roger Dingledine Nick Mathewson U.S. Naval Research Laboratory.
Consensus Routing: The Internet as a Distributed System 2009. 2. 26 John P. John, Ethan Katz-Bassett, Arvind Krishnamurthy, and Thomas Anderson Presented.

Consensus Routing: The Internet as a Distributed System John P. John, Ethan Katz-Bassett, Arvind Krishnamurthy, and Thomas Anderson Presented.
Onion Routing Security Analysis Aaron Johnson U.S. Naval Research Laboratory DC-Area Anonymity, Privacy, and Security Seminar.

Onion Routing Security Analysis Aaron Johnson U.S. Naval Research Laboratory DC-Area Anonymity, Privacy, and Security Seminar.
How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.

How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.
On Traffic Analysis in Tor Guest Lecture, ELE 574 Communications Security and Privacy Princeton University April 3 rd, 2014 Dr. Rob Jansen U.S. Naval Research.

On Traffic Analysis in Tor Guest Lecture, ELE 574 Communications Security and Privacy Princeton University April 3 rd, 2014 Dr. Rob Jansen U.S. Naval Research.
Watchdog Confident Event Detection in Heterogeneous Sensor Networks Matthew Keally 1, Gang Zhou 1, Guoliang Xing 2 1 College of William and Mary, 2 Michigan.

Watchdog Confident Event Detection in Heterogeneous Sensor Networks Matthew Keally 1, Gang Zhou 1, Guoliang Xing 2 1 College of William and Mary, 2 Michigan.
Network Monitoring for Internet Traffic Engineering Jennifer Rexford AT&T Labs – Research Florham Park, NJ 07932

Network Monitoring for Internet Traffic Engineering Jennifer Rexford AT&T Labs – Research Florham Park, NJ 07932
RelSamp: Preserving Application Structure in Sampled Flow Measurements Myungjin Lee, Mohammad Hajjat, Ramana Rao Kompella, Sanjay Rao.

RelSamp: Preserving Application Structure in Sampled Flow Measurements Myungjin Lee, Mohammad Hajjat, Ramana Rao Kompella, Sanjay Rao.
Prof. Vishnuprasad Nagadevara Indian Institute of Management Bangalore

Prof. Vishnuprasad Nagadevara Indian Institute of Management Bangalore
On the Anonymity of Anonymity Systems Andrei Serjantov (anonymous)

On the Anonymity of Anonymity Systems Andrei Serjantov (anonymous)
Www.sti-innsbruck.at © Copyright 2012 STI INNSBRUCK www.sti-innsbruck.at Tor project: Anonymity online.

© Copyright 2012 STI INNSBRUCK Tor project: Anonymity online.
CSE 486/586, Spring 2012 CSE 486/586 Distributed Systems Case Study: TOR Anonymity Network Bahadir Ismail Aydin Computer Sciences and Engineering University.

CSE 486/586, Spring 2012 CSE 486/586 Distributed Systems Case Study: TOR Anonymity Network Bahadir Ismail Aydin Computer Sciences and Engineering University.
Dynamic Network Emulation Security Analysis for Application Layer Protocols.

Dynamic Network Emulation Security Analysis for Application Layer Protocols.
Privacy-Preserving P2P Data Sharing with OneSwarm -Piggy.

Privacy-Preserving P2P Data Sharing with OneSwarm -Piggy.
Differences between In- and Outbound Internet Backbone Traffic Wolfgang John and Sven Tafvelin Dept. of Computer Science and Engineering Chalmers University.

Differences between In- and Outbound Internet Backbone Traffic Wolfgang John and Sven Tafvelin Dept. of Computer Science and Engineering Chalmers University.
Shadow: Simple HPC for Systems Security Research Invited Talk Kansas State University September 25 th, 2013 Rob Jansen U.S. Naval Research Laboratory

Shadow: Simple HPC for Systems Security Research Invited Talk Kansas State University September 25 th, 2013 Rob Jansen U.S. Naval Research Laboratory
Never Been KIST: Tor’s Congestion Management Blossoms with Kernel- Informed Socket Transport 23 rd USENIX Security Symposium August 20 th 2014 Rob JansenUS.

Never Been KIST: Tor’s Congestion Management Blossoms with Kernel- Informed Socket Transport 23 rd USENIX Security Symposium August 20 th 2014 Rob JansenUS.
Sharing Information across Congestion Windows CSE222A Project Presentation March 15, 2005 Apurva Sharma.

Sharing Information across Congestion Windows CSE222A Project Presentation March 15, 2005 Apurva Sharma.

Similar presentations

Ads by Google