[tor-commits] [tech-reports/master] Reformat Sponsor 19 report 1 as Tor tech report.
karsten at torproject.org
karsten at torproject.org
Sat Jan 19 08:40:55 UTC 2019
commit 430e5d319fc767264031ec41c6c46fd42e0ecc8b
Author: Karsten Loesing <karsten.loesing at gmx.net>
Date: Tue Jan 15 16:22:43 2019 +0100
Reformat Sponsor 19 report 1 as Tor tech report.
---
2018/sponsor19/report1/dos-censorship-report1.tex | 258 +++-------------------
2018/sponsor19/report1/intro.tex | 4 +-
2018/sponsor19/report1/task10.tex | 14 +-
2018/sponsor19/report1/task10c.tex | 16 +-
2018/sponsor19/report1/task11.tex | 32 +--
2018/sponsor19/report1/task6.tex | 30 +--
2018/sponsor19/report1/task7a.tex | 20 +-
2018/sponsor19/report1/task7b.tex | 6 +-
2018/sponsor19/report1/task8.tex | 10 +-
2018/sponsor19/report1/task9.tex | 56 ++---
2018/sponsor19/report1/tortechrep.cls | 1 +
11 files changed, 125 insertions(+), 322 deletions(-)
diff --git a/2018/sponsor19/report1/dos-censorship-report1.tex b/2018/sponsor19/report1/dos-censorship-report1.tex
index 8b21a70..e9f09af 100644
--- a/2018/sponsor19/report1/dos-censorship-report1.tex
+++ b/2018/sponsor19/report1/dos-censorship-report1.tex
@@ -1,20 +1,24 @@
-\documentclass[twoside,openright,11pt]{report}
+\documentclass{tortechrep}
\newcommand{\todo}[1]{[{\textbf{todo}}: {\em\color{red} #1}]}
-\newcommand{\deliverabletitle}{Interim Report 1}
-\newcommand{\deliverabletitleshort}{Interim Report 1}
-\newcommand{\reportnumber}{1}
-\newcommand{\deliverabledate}{November 2018}
+\newcommand{\deliverabletitle}{Addressing Denial of Service Attacks on Free and
+Open Communication on the Internet}
+\newcommand{\deliverablesubtitle}{Interim Report 1}
+\newcommand{\reportnumber}{2018-11-001}
+\newcommand{\deliverabledate}{November 19, 2018}
+\newcommand{\deliverablecontact}{kat at torproject.org}
+\newcommand{\deliverablefootnote}{This work is licensed under a \href{https://creativecommons.org/licenses/by/4.0/legalcode}{Creative Commons Attribution 4.0 International License}. \ccby}
\newcommand{\eg}{\mbox{e.g.}\xspace}
\newcommand{\ie}{\mbox{i.e.}\xspace}
\newcommand{\deliverableauthorlist}{
-Antonela Debiasi, Roger Dingledine, Arthur Edelstein, Alexander F\ae r\o y, \\
-Matthew Finkel, David Goulet, Kat Hanna, Maggie Haughey, George Kadianakis, \\
-Iain R. Learmonth, Alison Macrina, Maria Xynou }
+Antonela Debiasi, Roger Dingledine, Arthur Edelstein,\\%
+Alexander F\ae r\o y, Matthew Finkel, David Goulet,\\%
+Kat Hanna, Maggie Haughey, George Kadianakis,\\%
+Iain R. Learmonth, Alison Macrina, and Maria Xynou}%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -23,31 +27,15 @@ Iain R. Learmonth, Alison Macrina, Maria Xynou }
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-% Document geometry
-%
-
-% Set up for letter rather than A4
-\usepackage[left=.75in,right=.75in,top=1in,bottom=1in,foot=48pt]{geometry}
-
-%\setlength{\textheight}{230mm}
-%\setlength{\textwidth}{160mm}
-%\setlength{\voffset}{-25mm}
-%\setlength{\oddsidemargin}{0mm}
-%\setlength{\evensidemargin}{0mm}
-\addtolength{\parskip}{0.33\baselineskip}
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% Package definitions
%
-\usepackage{helvet}
\usepackage{graphicx}
\usepackage{subfigure}
\usepackage{color}
\usepackage{xcolor}
\usepackage{chngcntr}
\usepackage{longtable}
-\usepackage{lastpage}
\usepackage{fancyhdr}
\usepackage{setspace}
\usepackage{url}
@@ -61,97 +49,11 @@ Iain R. Learmonth, Alison Macrina, Maria Xynou }
\usepackage{ccicons}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-% Font definitions
-%
-\renewcommand\familydefault{\sfdefault}
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% Heading style definitions
%
\setcounter{secnumdepth}{4}
-\makeatletter
-\renewcommand{\chapter}{\@startsection{chapter}{0}{0mm}
- {\baselineskip}%
- {\baselineskip}{\clearpage\LARGE\bf\color{black}}}
-\renewcommand{\section}{\@startsection{section}{1}{0mm}
- {\baselineskip}%
- {\baselineskip}{\LARGE\color{black}}}%
-\renewcommand{\subsection}{\@startsection{subsection}{2}{0mm}
- {\baselineskip}%
- {\baselineskip}{\Large\color{black}}}%
-\renewcommand{\subsubsection}{\@startsection{subsubsection}{3}{0mm}
- {\baselineskip}%
- {\baselineskip}{\large\color{black}}}%
-\makeatother
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-% Table of contents styling
-%
-% Finamore: added dotted lines also for chapters
-% solution found at http://tex.stackexchange.com/questions/62438/how-to-add-leaders-to-table-of-contents-without-tocloft
-\makeatletter
-\renewcommand*\l at chapter[2]{%
- \ifnum \c at tocdepth >\m at ne
- \addpenalty{-\@highpenalty}%
- \vskip 1.0em \@plus\p@
- \setlength\@tempdima{1.5em}%
- \begingroup
- \parindent \z@ \rightskip \@pnumwidth
- \parfillskip -\@pnumwidth
- \leavevmode %\bfseries
- \advance\leftskip\@tempdima
- \hskip -\leftskip
- #1\nobreak
- \xleaders\hbox{$\m at th
- \mkern \@dotsep mu\hbox{.}\mkern \@dotsep mu$}\hfill%
- \nobreak\hb at xt@\@pnumwidth{\hss #2}\par
- \penalty\@highpenalty
- \endgroup
- \fi}
-\renewcommand*\l at section{\@dottedtocline{1}{1.5em}{2.3em}}
-\renewcommand*\l at subsection{\@dottedtocline{2}{3.8em}{3.2em}}
-\renewcommand*\l at subsubsection{\@dottedtocline{3}{7.0em}{4.1em}}
-\renewcommand*\l at paragraph{\@dottedtocline{4}{10em}{5em}}
-\renewcommand*\l at subparagraph{\@dottedtocline{5}{12em}{6em}}
-\renewcommand*{\@dotsep}{1}
-\makeatother
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-% Header and footer definitions
-%
-
-%\setlength{\headheight}{52pt}
-%\setlength{\footskip}{47pt}
-\renewcommand{\headrulewidth}{0pt}
-\pagestyle{fancyplain}
-
-%\fancyhead[L]{\textsf{DoS Resilience \\ D\reportnumber ~\deliverabletitleshort}}
-\fancyhead[L]{\textsf{Addressing Denial of Service Attacks on Free and Open Communication on the Internet \\ \deliverabletitleshort}}
-\fancyhead[R]{\setlength{\unitlength}{1mm}
-\begin{picture}(0,0)
- %\put(-70,-4){\includegraphics[width=70mm]{logos/EC-H2020.png}}
-\end{picture}
-}
-\fancyfoot[L]{\setlength{\unitlength}{1mm}
-\begin{picture}(0,0)
- \put(0,6){\includegraphics[width=10mm]{../torlogo.png}}
-\end{picture}
-}
-\fancyfoot[C]{\vspace{-10mm}\textsf{\thepage\hspace{0.3em}of \pageref{LastPage}}}
-\fancyfoot[R]{\vspace{-10mm}\textsf{\deliverabledate}}
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-% Miscellaneous document adjustments go here
-
-% Call the bibliography a references section
-\renewcommand*{\bibname}{References}
-
-% Number figures and tables globally
-\counterwithout{figure}{chapter}
-\counterwithout{table}{chapter}
-
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% Define some colors
@@ -163,29 +65,6 @@ Iain R. Learmonth, Alison Macrina, Maria Xynou }
\definecolor{measurementred}{RGB}{255, 128, 128}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-% Define some useful commands
- %\EDNOTE{who}{what} - place an editor's note in the document.
- %\INNOTE{who}{what} - place an inline note in the document
-
-\newcommand{\EDNOTE}[2]{
- \par\large\centerline{
- \mbox{
- \begin{tabular}{ll}
- \textsf{\textbf{#1}} &
- \fbox{
- \begin{minipage}{0.6\linewidth}
- \em\color{red} #2
- \end{minipage}
- }
- \end{tabular}
- }}
- \par\vspace{4mm}
-}
-
-\newcommand{\INNOTE}[2]{[\textsf{\textbf{#1}}: {\em\color{red} #2}]}
-
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\acrodef{AQM}{Active Queue Management}
\acrodef{ECN}{Explicit Congestion Notification}
@@ -210,151 +89,74 @@ Iain R. Learmonth, Alison Macrina, Maria Xynou }
% Front page
%
\begin{document}
-\thispagestyle{empty}
-\parindent0pt
-
-\newcolumntype{R}[1]{>{\raggedleft}p{#1}}
-%\begin{tabular}{R{130mm} p{26mm}}
-% \vspace{0pt}
-% {\bf\small\color{darkgray} H2020 European Union funding \\ for Research \& Innovation}
-% {\small\color{darkgray} This project has received funding from the funder \\
-% research and innovation programme under grant agreement No $x$ where $x > 0$.}
-%
-% &
-% \vspace{0pt}
-% %\includegraphics[width=26mm]{logos/eu_flag_small.jpg}
-%\end{tabular}
-
-\vspace{20mm}
-
-\begin{center}
-\hspace{-3mm}\includegraphics[width=90mm]{../torlogo.png}
-\end{center}
-
-\vspace{5mm}
-\centerline{\rule{0em}{1.5em}\LARGE\bf\color{black}Addressing Denial of Service Attacks on}
-\vspace{5mm}
-\centerline{\rule{0em}{1.5em}\LARGE\bf\color{black}Free and Open Communication on the Internet}
-%\vspace{5mm}
-%\centerline{\rule{0em}{1.5em}\bf\Large\color{darkgray}H2020-ICT-688421}
-
-\vspace{20mm}
-
-\begin{centering}
-\fbox{
- \begin{minipage}{\linewidth}
- \vspace*{1mm}
- \center
- \huge\em\bf\color{darkred}\deliverabletitle
- \end{minipage}
-}
-%\centerline{\huge\em\bf\color{sangria}\deliverabletitle}
-
-\vspace{2mm}
-
-\fbox{
- \begin{minipage}{\linewidth}
- \large\textsf{
- \begin{tabular}{lll}
- \textbf{Authors:}
- \deliverableauthorlist
- \end{tabular}}
- \end{minipage}
-}
-
-\vspace{5mm}
-
-\mbox{\begin{minipage}{\linewidth}
- \textsf{\begin{tabular}{ll}
- %\textbf{Report Number:} & D\reportnumber \\
- \textbf{Date of Delivery:} \deliverabledate\\
- \\
- \textbf{Distribution Statement A.} Approved for Public Release, Distribution Unlimited \\
- \\
- This work is licensed under a \href{https://creativecommons.org/licenses/by/4.0/legalcode}{Creative Commons Attribution 4.0 International License}. \ccby
- \end{tabular}}
-
-\end{minipage}
-}
+\title{\deliverabletitle}
+\subtitle{\deliverablesubtitle}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-% Disclaimer
-%
-%\clearpage
-%
-% \mbox{\begin{minipage}{\linewidth}
-% \addcontentsline{toc}{chapter}{Disclaimer}
-% {\LARGE\em\bf\color{black}{Disclaimer}}
-%
-% \vspace{10mm}
-% \em{
-% \todo{I guess we need some disclaimer here related to the funding}
-% }
-% \end{minipage}}
+\author{\deliverableauthorlist}
+\contact{\deliverablecontact}
+\reportid{\reportnumber\footnote{\deliverablefootnote}}
- \end{centering}
+\date{\deliverabledate}
+\maketitle
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% Table of contents
%
-\clearpage
\tableofcontents
-\chapter{Introduction}
-%\addcontentsline{toc}{chapter}{Introduction}
+\section{Introduction}
\label{chap:intro}
\input{intro.tex}
-\chapter{Better Pluggable Transports for Actively Censored Regimes}
+\section{Better Pluggable Transports for Actively Censored Regimes}
\label{chap:better-pts}
-\section{Bridge distribution and pluggable transports}
+\subsection{Bridge distribution and pluggable transports}
\input{task7a.tex}
-\section{Tor Browser and pluggable transports}
+\subsection{Tor Browser and pluggable transports}
\input{task7b.tex}
-\chapter{Beyond Web Browsing}
+\section{Beyond Web Browsing}
\label{chap:more-apps}
\input{task9.tex}
-\chapter{Performance Under Resource Constraints}
+\section{Performance Under Resource Constraints}
\label{chap:perf-bad-networks}
\input{task10.tex}
\input{task10c.tex}
-\chapter{Network and Censorship Measurement}
+\section{Network and Censorship Measurement}
\label{chap:measurement}
\input{task11.tex}
-\chapter{Onion Routing Network Defense}
+\section{Onion Routing Network Defense}
\label{chap:network-defense}
\input{task6.tex}
-\chapter{A Stronger Research Community}
+\section{A Stronger Research Community}
\label{chap:stronger-research}
\input{task8.tex}
-\chapter{Conclusion}
+\section{Conclusion}
\label{chap:conclusion}
\input{conclusion.tex}
-\chapter{Acknowledgements}
+\section{Acknowledgements}
\input{acknowledgements.tex}
-\bibliographystyle{plain}
\bibliography{../sponsor19,../rfc,../tortechreports,../references}
\end{document}
diff --git a/2018/sponsor19/report1/intro.tex b/2018/sponsor19/report1/intro.tex
index de5a4f9..90d05f4 100644
--- a/2018/sponsor19/report1/intro.tex
+++ b/2018/sponsor19/report1/intro.tex
@@ -31,7 +31,7 @@ and how we defend against them; and Section~\ref{chap:stronger-research}
discusses building a stronger relationship between the Tor Project and academic
researchers.
-\section{About Tor}
+\subsection{About Tor}
\label{intro-about-tor}
The Tor anonymity system~\cite{tor-design} protects internet users from
@@ -69,7 +69,7 @@ privacy. Directory authorities periodically publish a list of the addresses of
these available relays, and applications such as Tor Browser choose relays from
this list when they connect to the Tor network.
-\section{Tor and censorship}
+\subsection{Tor and censorship}
%\label{intro-tor-censorship}
Governments and other censors use a variety of tools to deny people access to
diff --git a/2018/sponsor19/report1/task10.tex b/2018/sponsor19/report1/task10.tex
index cb05470..0dc5b1d 100644
--- a/2018/sponsor19/report1/task10.tex
+++ b/2018/sponsor19/report1/task10.tex
@@ -19,7 +19,7 @@ contribute to poor performance for our users.
%all parts of the system.
%
-\section{Performance in resource constrained access networks}
+\subsection{Performance in resource constrained access networks}
In the more developed world, recent advances in wired broadband networks and
cellular networks have led to faster speed when connecting to the internet. But
@@ -74,13 +74,13 @@ increase. Until connectivity is completely lost, the Tor protocol and the
pluggable transports used with Tor should ideally be able to degrade gracefully
by adapting to the changing network conditions.
-\section{Improving client performance}
+\subsection{Improving client performance}
We plan to improve client performance both for users who have bad network
connections and also to ensure that performance degrades gracefully when the
network is under attack.
-\subsection{End-to-end performance}
+\subsubsection{End-to-end performance}
Network characteristics such as latency, bandwidth, data packet loss, and
jitter are highly interrelated. For example, in TCP connections such as those
@@ -96,7 +96,7 @@ data must be queued before it can be sent, and this can increase the latency in
the network. These locations include network hardware, operating system
interfaces and the Tor software.
-\subsubsection{Congestion control}
+\paragraph{Congestion control}
%In looking to reduce the delays introduced by uncontrolled congestion in Tor,
%researchers have explored alternative classes of congestion and flow control.
@@ -132,7 +132,7 @@ results show that there
is clearly room for improvement, although further
research is needed before we decide what to implement.
-\subsubsection{Improved socket management}
+\paragraph{Improved socket management}
Congestion does not only occur within Tor relay software or within the networks
that join them together; it can also occur in the operating system that the Tor
@@ -157,7 +157,7 @@ network throughput by nearly 10\% in experiments. This improved algorithm has
been included in the Tor relay software since version 0.3.2.
-\subsection{Resumable uploads}
+\subsubsection{Resumable uploads}
Some users may have access networks that provide intermittent connectivity.
This can occur even with good infrastructure when, for example, a user switches
@@ -178,7 +178,7 @@ could be added to Tor Browser to assist in resuming large uploads or downloads
in the event that connectivity is interrupted. If transfers resume
automatically this may even be transparent to the user.
-\subsection{Striping connections}
+\subsubsection{Striping connections}
Bridges providing access to the Tor network via pluggable transports often have
lower bandwidth available than regular relays. To help in load-balancing across
diff --git a/2018/sponsor19/report1/task10c.tex b/2018/sponsor19/report1/task10c.tex
index c1d8cf8..4dc41e8 100644
--- a/2018/sponsor19/report1/task10c.tex
+++ b/2018/sponsor19/report1/task10c.tex
@@ -1,4 +1,4 @@
-\section{Performance while under attack}
+\subsection{Performance while under attack}
\label{perf-dos-attacks}
There are several ways to mount a Denial of Service (DoS) attack against the
@@ -10,9 +10,9 @@ The following is heavily inspired by the 2015 Tor technical report
defenses''~\cite{dos-techreport}. Section~\ref{dos} describes some recent
attacks on the Tor network.
-\subsection{Types of DoS attacks}
+\subsubsection{Types of DoS attacks}
-\subsubsection{CPU consumption}
+\paragraph{CPU consumption}
Most of Tor's running time is spent performing expensive cryptographic
computation. It requires a lot of processing power on the CPU (central
@@ -34,7 +34,7 @@ other things, it could render Tor unable to accomplish its real tasks.
processor use.
\end{itemize}
-\subsubsection{Memory consumption}
+\paragraph{Memory consumption}
Tor relies on having adequate computer memory available to function well.
Exhausting the available memory on a server running a relay leads to
@@ -45,7 +45,7 @@ many places in the Tor code that could benefit from memory optimization: using
smaller objects in memory, cleaning up more frequently, optimizing access to
shared or common data, and so on.
-\subsubsection{Disk space consumption}
+\paragraph{Disk space consumption}
These days, we rarely see servers\textemdash or even
clients\textemdash with very low disk space, but disk space is still very
@@ -57,7 +57,7 @@ create the Tor consensus.
not be the cause of available disk space becoming low, but it is important that
we ensure that Tor can keep running, even with no available space at all.
-\subsubsection{Bandwidth consumption}
+\paragraph{Bandwidth consumption}
Attacks that disrupt Tor's ability to move data between the client, the relays
in a circuit, and a destination by consuming a lot of bandwidth are
@@ -98,7 +98,7 @@ These are rare, but high-impact~\cite{jansen2014sniper}.
\end{itemize}
-\subsubsection{Network resources exhaustion}
+\paragraph{Network resources exhaustion}
TCP connections are specified with a port and IP address. There are 65535
available ports. If an attacker opens, and keeps open, connections to most or
@@ -113,7 +113,7 @@ We could also explore using UDP, another transport protocol that doesn't suffer
It might also be possible to use IPv6, which has a much larger range of
addresses, to mitigate this problem.
-\subsection{Future directions}
+\subsubsection{Future directions}
To improve Tor's resilience against Denial of Service attacks, we should favor
defenses that address multiple types of attacks simultaneously over defenses
diff --git a/2018/sponsor19/report1/task11.tex b/2018/sponsor19/report1/task11.tex
index 9f2e04c..bac2d73 100644
--- a/2018/sponsor19/report1/task11.tex
+++ b/2018/sponsor19/report1/task11.tex
@@ -8,7 +8,7 @@ team collects about Tor users and the Tor network;
Section~\ref{censorship-of-tor} describes information that the Open Observatory
of Network Interference (OONI)~\cite{ooni-paper} and the Tor Networks team collect about censorship of the Tor network.
-\section{Tor Metrics public datasets}
+\subsection{Tor Metrics public datasets}
\label{sec:public-datasets}
Tor Metrics \cite{wecsr10measuring-tor} archives historical data about the Tor
@@ -34,7 +34,7 @@ contains a number of customizable plots to show user, traffic, relay, bridge,
and application download statistics over a requested time period for a
particular country.
-\subsection{Relay and bridge user counts}
+\subsubsection{Relay and bridge user counts}
The number of Tor users is one of our most important statistics. It is vital
to know how many people use the Tor network on a daily basis, whether
@@ -58,7 +58,7 @@ Relay users are users that connect directly to a relay in order to connect to
the Tor network; bridge users connect to a bridge as an entry point into the
Tor network.
-\subsection{Safe counting and PrivCount}
+\subsubsection{Safe counting and PrivCount}
Recent advances in privacy-preserving metrics collection such as private
set-union cardinality~\cite{psc-ccs2017} and PrivCount~\cite{privcount-ccs2016}
@@ -86,7 +86,7 @@ early count of two million daily users.
We need to closely examine the methodologies used in this work to validate its
findings.
-\subsection{Reliable geolocation}
+\subsubsection{Reliable geolocation}
In producing metrics relating to countries, for example the top countries
by daily users shown in Table~\ref{tbl:top-user-countries}, Tor Metrics
@@ -159,7 +159,7 @@ not possible to say whether a switch would improve this situation or not.
We hope to analyze the different databases and feeds available
to us to determine which options best fit our requirements.
-\subsection{Network performance}
+\subsubsection{Network performance}
\label{sec:onionperf}
The performance that Tor users experience depends on many factors and is
@@ -229,7 +229,7 @@ access networks.
Further, to understand the performance for users in denied countries,
performance measurements should be carried out using pluggable transports.
-\section{Detecting censorship of Tor}
+\subsection{Detecting censorship of Tor}
\label{censorship-of-tor}
The Tor network offers online anonymity, privacy, and censorship circumvention.
@@ -254,7 +254,7 @@ In recent years, however, we have (mainly) observed the blocking of the Tor
network in the following countries: Egypt, Ethiopia, China, Iran, Turkey,
and Venezuela.
-\subsection{Open Observatory of Network Interference}
+\subsubsection{Open Observatory of Network Interference}
\label{ooni}
Over the last several years, we have been monitoring the blocking of the Tor
@@ -294,7 +294,7 @@ where Tor is blocked, such as Egypt and Iran. We will continue to expand our
community engagement activities to monitor the blocking of Tor and to make it
more resilient to censorship.
-\subsubsection{Egypt}
+\paragraph{Egypt}
Following the blocking of hundreds of media
websites~\cite{ooni-egypt-summary},
@@ -343,7 +343,7 @@ OONI Probe in Egypt between June and November 2017.}
Recent OONI measurements suggest that access to the Tor network, when
not using a private obfs4 bridge, remains blocked in Egypt.
-\subsubsection{Ethiopia}
+\paragraph{Ethiopia}
During a wave of protests in
2016~\cite{bbc-ethiopia-protests}, numerous
@@ -381,7 +381,7 @@ most recent measurements suggest that access to the Tor network remains blocked
as well. Bridge reachability tests have never been run in Ethiopia, and so it
remains unclear if access to Tor bridges is blocked.
-\subsubsection{China}
+\paragraph{China}
China is known for its pervasive internet censorship apparatus, which also
involves the blocking of numerous circumvention tools. Most OONI
@@ -438,7 +438,7 @@ the China Education \& Research Network Center (AS 4538). Bridge reachability
tests haven't been run in China in recent years, limiting our ability to
evaluate whether they work locally or not.
-\subsubsection{Iran}
+\paragraph{Iran}
The breadth and depth of internet censorship in Iran is pervasive. Thousands of
OONI Probe
@@ -462,7 +462,7 @@ deterministic, as we've observed the dynamic blocking and unblocking of
services over time. Censorship measurement is therefore required on an ongoing
basis.
-\subsubsection{Turkey}
+\paragraph{Turkey}
Direct connections to
the Tor network appear to be blocked in Turkey as well. Between June 2017 and
@@ -487,7 +487,7 @@ the Tor network. This ISP also appears to be blocking access to Tor's website, b
Vodafone (AS 15897). Bridge reachability tests have never been run by volunteers
in Turkey, limiting our ability to assess whether Tor bridges work locally.
-\subsubsection{Venezuela}
+\paragraph{Venezuela}
A few months ago, one ISP in
Venezuela blocked access to the Tor network as well.
@@ -540,7 +540,7 @@ The Tor Project website has remained accessible in CANTV (and other
networks) all along, even during the time that direct Tor network connections
and default obfs4 bridges were blocked.
-\subsection{Tor Metrics anomaly detection}
+\subsubsection{Tor Metrics anomaly detection}
Tor Metrics has an ``early warning system"~\cite{tor-2011-09-001} to indicate
anomalies in the counts of directly connecting Tor users. The detector is based
@@ -583,7 +583,7 @@ and reports daily to a mailing
list~\cite{infolabe}
but is not yet integrated with Tor Metrics.
-\subsection{Events timeline}
+\subsubsection{Events timeline}
Tor Metrics maintains a
timeline~\cite{tor-metrics-news} of events
@@ -622,7 +622,7 @@ context when interpreting the user count data and visualizations.}
\label{tbl:timeline-examples}
\end{table}
-\subsection{Future directions}
+\subsubsection{Future directions}
There is significant work to be done to get us from knowing when access to the
Tor network is blocked, to knowing which pluggable transports work in which
diff --git a/2018/sponsor19/report1/task6.tex b/2018/sponsor19/report1/task6.tex
index c9c6aed..4c28acb 100644
--- a/2018/sponsor19/report1/task6.tex
+++ b/2018/sponsor19/report1/task6.tex
@@ -1,4 +1,4 @@
-\section{Tor network health}
+\subsection{Tor network health}
\label{sec:network-health}
The health of the Tor network is crucial to all of the services Tor provides,
@@ -11,10 +11,10 @@ Section~\ref{health-bad} describes our ongoing fight against
malicious relays and includes our detection methods and our process to remove a
relay from the network.
-\subsection{The state of the network}
+\subsubsection{The state of the network}
\label{health-state}
-\subsubsection{Numbers}
+\paragraph{Numbers}
The Tor network is currently composed of about 6400 relays run by
volunteers around the world. As Figure~\ref{png-network} shows, the
@@ -93,7 +93,7 @@ numbers come from the number of directory requests reported by bridges.}
\end{figure}
-\subsubsection{Diversity}
+\paragraph{Diversity}
Diversity is an important factor for the safety and anonymity provided by the
Tor network. We can measure diversity in a variety of ways, but for this
@@ -157,12 +157,12 @@ advocate who helps support current relay operators and does outreach to attract
new ones. In addition, as part of our global south initiative, our community
liaison has been helping volunteers set up relays in those regions.
-\subsection{Malicious relays}\label{health-bad}
+\subsubsection{Malicious relays}\label{health-bad}
This section describes the types of malicious relays we see in the network and
how we deal with them.
-\subsubsection{Rejecting relays}
+\paragraph{Rejecting relays}
Anyone on the Internet can run a relay which means that we need to be aware
that malicious actors can join anonymously and disrupt the network---sometimes
@@ -196,7 +196,7 @@ would have funding to hire a \emph{network health engineer} to monitor
the network more closely and
improve our detection methods.
-\subsubsection{Malicious onion service directories}
+\paragraph{Malicious onion service directories}
A relay
that has been online for 96 hours or more can become an \emph{onion
@@ -215,7 +215,7 @@ For this reason, we have a scanner that detects onion service directories that
collect .onion addresses and visit them. Every week we reject 5 to 10 relays
from the network that are doing this.
-\subsection{Current outlook and future directions}
+\subsubsection{Current outlook and future directions}
The Tor network is healthy in terms of capacity.
% It is not currently using all
@@ -244,14 +244,14 @@ more OS diversity to the network. Improving our network monitoring is an
ongoing goal. The health of the network really depends on collaboration among
everyone in our community.
-\section{Denial of service}
+\subsection{Denial of service}
\label{dos}
This section describes the denial of service attacks that the Tor network
faces. We'll use a recent example to demonstrate how important it is that our
community and monitoring work together.
-\subsection{Notable attacks}
+\subsubsection{Notable attacks}
\label{dos-attacks}
In 2015, Nick Mathewson, Tor maintainer, released a technical report
@@ -262,7 +262,7 @@ Over the years, the Tor Project and community have dealt with many attacks of
this kind, and they usually come as a surprise. This section highlights some of
the attacks we have faced and the lessons they have taught us.
-\subsubsection{Sefnit botnet}
+\paragraph{Sefnit botnet}
On the 20th of August 2013, the number of users connected to the network
rose to abnormal levels~\cite{botnet-2013} (see Figure~\ref{dos-sefnit}).
@@ -290,7 +290,7 @@ Fortunately, by the end of 2013, the rise in users was identified by a
Microsoft researcher as part of the Sefnit botnet. It was removed by
Microsoft anti-virus at that point.
-\subsubsection{The sniper attack}
+\paragraph{The sniper attack}
In February 2014, a paper was presented at the Network and Distributed
Systems Security symposium titled \textbf{The Sniper Attack: Anonymously
@@ -308,7 +308,7 @@ don't know what its actual effects might be.
The sniper attack showed us that taking down a relay could lead
to deanonymizing specific onion services.
-\subsubsection{DoS attack using onion services}
+\paragraph{DoS attack using onion services}
In mid December 2017, relay operators started to report to the tor-relays
mailing list that they were seeing spikes in traffic to their relays and
@@ -392,7 +392,7 @@ of the network recovered quickly. After a few months, the attack stopped.
To this day, these defenses are still in place, protecting the Tor network
from such abuse.
-\subsubsection{Key takeaways}
+\paragraph{Key takeaways}
These episodes took us by surprise and forced some Tor developers to drop
everything to investigate and work on defenses. But they produced some key
@@ -420,7 +420,7 @@ takeaways.
quickly spiral out of control and we take them extremely seriously.
\end{itemize}
-\subsection{The future} \label{dos-future}
+\subsubsection{The future} \label{dos-future}
There are several important points to keep in mind when we consider how to
defend against future DoS attacks on the Tor network.
diff --git a/2018/sponsor19/report1/task7a.tex b/2018/sponsor19/report1/task7a.tex
index 7e78c5b..4617e25 100644
--- a/2018/sponsor19/report1/task7a.tex
+++ b/2018/sponsor19/report1/task7a.tex
@@ -25,7 +25,7 @@ video streaming, or Tor. Pluggable transports try to solve this problem by
disguising the Tor traffic between the user and the bridge so that it doesn't
look like Tor traffic.
-\subsection{Bridge distribution}
+\subsubsection{Bridge distribution}
\label{bridge-distrib}
Because bridge addresses are not listed in the public directory of relays,
@@ -62,7 +62,7 @@ Tor Browser 8.0, released in September of 2018, includes the ability to request
bridge addresses from within the application. More information about the way
Tor Browser helps get around censorship is in Section~\ref{browser-censorship}.
-\subsection{Pluggable transports}
+\subsubsection{Pluggable transports}
\label{pt-types}
A pluggable transport is a program that is used between the
@@ -90,7 +90,7 @@ Go language very popular for developing pluggable transports~\cite{goptlib}.
The following sections describe some pluggable transports that either have been
used by Tor, or that have the potential be used by Tor in the future.
-\subsubsection{Obfsproxy}
+\paragraph{Obfsproxy}
Obfsproxy makes Tor traffic look like a random stream of bytes. This type of
pluggable transport is known as a \emph{look-like-nothing} pluggable transport
@@ -126,14 +126,14 @@ bridge replies. This means obfs4 can resist active probing attacks.
Obfs4 is one of the most popular pluggable transports in use today.
-\subsubsection{ScrambleSuit}
+\paragraph{ScrambleSuit}
ScrambleSuit, like obfsproxy, is a pluggable transport that makes traffic look
like a random stream of bytes. But ScrambleSuit also changes the lengths of its
data packets, as well as the time between sending them, to confuse censors that
rely on those characteristics to recognize Tor traffic.
-\subsubsection{FTE}
+\paragraph{FTE}
Format Transforming Encryption (FTE) was one of the first pluggable transports
that did not belong in the look-like-nothing group. Instead, FTE uses an
@@ -145,7 +145,7 @@ This type of pluggable transport is useful in the face of a ``whitelisting''
censor, that is, a censor that has a list of protocols that it recognizes and
allows.
-\subsubsection{Flashproxy}
+\paragraph{Flashproxy}
Flashproxy~\cite{flashproxy-pets12} is a pluggable transport that allows
censored users to quickly find and use short-lived proxies operated by
@@ -167,7 +167,7 @@ reachable on the internet drastically reduces the usefulness of the design.
See Section~\ref{pt:snowflake} for a description of Snowflake, an improved
version of Flashproxy that solves this problem.
-\subsubsection{Meek}
+\paragraph{Meek}
Meek~\cite{meek} is a pluggable transport that uses \emph{domain
fronting}~\cite{domain-fronting} to get around
@@ -188,7 +188,7 @@ deployed is the Microsoft Azure cloud.
So far, meek has proven resilient to blocking.
-\subsubsection{Marionette}
+\paragraph{Marionette}
Marionette is a fairly new pluggable transport developed by the US company
RedJack. Marionette's design~\cite{marionette} is similar to that of
@@ -204,7 +204,7 @@ Marionette is in the late development stage. The next step is to deploy it to
a set of stable bridges so that we can evaluate it in a variety of censored
locations.
-\subsubsection{Next generation pluggable transport: Snowflake}
+\paragraph{Next generation pluggable transport: Snowflake}
\label{pt:snowflake}
The most promising next generation pluggable transport is
@@ -237,7 +237,7 @@ The Tor Project is in the process of hiring a software developer to
explore some of these questions and to work on other anti-censorship
technologies as well.
-\subsection{Designing new pluggable transports}
+\subsubsection{Designing new pluggable transports}
\label{pt:design}
A common anti-censorship strategy is to make it unappealing for censors to
diff --git a/2018/sponsor19/report1/task7b.tex b/2018/sponsor19/report1/task7b.tex
index b277953..923c456 100644
--- a/2018/sponsor19/report1/task7b.tex
+++ b/2018/sponsor19/report1/task7b.tex
@@ -1,4 +1,4 @@
-\subsection{Tor Browser}
+\subsubsection{Tor Browser}
\label{browser-censorship}
In many places in the world, censorship of the web is common. Users are
@@ -72,7 +72,7 @@ it is safe, for example, to be logged into Facebook in one tab and to post
anonymously to a blog in another tab. This is a Tor feature that Mozilla has
also implemented in Firefox.
-\subsubsection{Usability testing and global outreach}
+\paragraph{Usability testing and global outreach}
\label{ux-testing-outreach}
To make useful software, especially software that aims to keep people safe, it
@@ -165,7 +165,7 @@ network.
\label{new-circuit-display}
\end{figure}
-\subsection{Tor Browser for Android}
+\subsubsection{Tor Browser for Android}
\label{tb-android}
Historically, Tor Browser has only been developed for desktop computers running
diff --git a/2018/sponsor19/report1/task8.tex b/2018/sponsor19/report1/task8.tex
index 09d44bb..d9f11cb 100644
--- a/2018/sponsor19/report1/task8.tex
+++ b/2018/sponsor19/report1/task8.tex
@@ -1,5 +1,5 @@
-\section{Tor's role in the research community}
+\subsection{Tor's role in the research community}
Just about every major computer security conference these days has a paper
analyzing, attacking, or improving Tor. While fifteen years ago the field of
@@ -54,7 +54,7 @@ who write their theses on Tor. The original Tor design paper from 2004
now has over 4000 citations, and in 2014 Usenix picked that paper out
of all the security papers published in 2004 to win their Test of Time award.
-\subsection{Tor research resources}
+\subsubsection{Tor research resources}
Resources for researchers are collected within the Tor Research
Portal~\cite{research-portal} which is currently undergoing a redesign. This
@@ -70,7 +70,7 @@ Figure~\ref{fig:research-portal-mock}.
\label{fig:research-portal-mock}
\end{figure}
-\subsubsection{Datasets}
+\paragraph{Datasets}
We've been collecting data to learn more about the Tor network: how many relays
and clients there are in the network, what capabilities they have, how fast the
@@ -79,7 +79,7 @@ network, etc. We are also developing tools to process these huge data archives
and come up with useful statistics. These datasets are described in more detail
in Section~\ref{sec:public-datasets}.
-\subsubsection{Measurement and attack tools}
+\paragraph{Measurement and attack tools}
We're building a collection of tools that can be used to measure, analyze, or
perform attacks on Tor. Many research groups need to do similar
@@ -97,7 +97,7 @@ wrong is important, and we recognize that the incentives in academia aren't
aligned with spending energy on designing defenses, but it sure would be great
to get more people working on how to address the attacks.
-\subsection{Tor research safety board}
+\subsubsection{Tor research safety board}
The research safety board is a group of researchers who study Tor,
and who want to \emph{minimize privacy risks while fostering a better
diff --git a/2018/sponsor19/report1/task9.tex b/2018/sponsor19/report1/task9.tex
index e0472e7..e209957 100644
--- a/2018/sponsor19/report1/task9.tex
+++ b/2018/sponsor19/report1/task9.tex
@@ -6,7 +6,7 @@ applications like web browsing, we would like to explore secure messaging and
other asynchronous applications. We want to consider more use cases than just
web browsing.
-\section{Existing apps that use Tor}
+\subsection{Existing apps that use Tor}
\label{apps-that-use-tor}
As a first step, we would like to understand whether existing prototypes
@@ -15,17 +15,17 @@ These tools include messaging and email apps, secure operating systems, tools
that send traffic from existing apps over the Tor network, monitoring tools,
and file sharing apps.
-\subsection{Web browsers}
+\subsubsection{Web browsers}
In addition to Tor Browser, there are a number of web browsers that use the Tor network and protect users' privacy to varying degrees. These include OnionBrowser~\cite{onion-browser}, Brave~\cite{brave}, and Cliqz\cite{cliqz}.
-\subsection{Using mobile apps with the Tor network}
+\subsubsection{Using mobile apps with the Tor network}
The following apps send their internet traffic over the Tor network, whether by
using Tor's proxy interface, as Orbot does, or by providing a ``system-wide
VPN'' interface as iCepa does.
-\subsubsection{Orbot}
+\paragraph{Orbot}
Orbot~\cite{orbot} is an open-source app that allows other apps to send their
internet traffic through it and then through the Tor network, thereby hiding
@@ -35,25 +35,25 @@ as it does not provide any additional anti-tracking measures -- it is trivial
for apps or websites to track users in most web browsers and many other apps
even if the IP address is hidden.
-\subsubsection{iCepa}
+\paragraph{iCepa}
iCepa~\cite{icepa} is a new experimental app for connecting iOS apps to the Tor
network. iCepa is in alpha.
-\subsection{Communications}
+\subsubsection{Communications}
From peer to peer messaging apps, to email clients, there are a number
of different applications that people can use to anonymize their
communications:
-\subsubsection{Briar}
+\paragraph{Briar}
Briar~\cite{briar} is an open source peer-to-peer messaging app for Android.
Briar sends its messages through the Tor network, preventing third parties from
observing which parties are communicating with each other or revealing their IP
addresses.
-\subsubsection{Ricochet}
+\paragraph{Ricochet}
Ricochet~\cite{ricochet} is a desktop app that offers peer-to-peer messaging,
without exposing information about who is communicating. All messages are sent
@@ -61,12 +61,12 @@ wholly inside the Tor network. Ricochet uses Tor onion services to connect
users to one another, eliminating the central server that most messaging apps
use.
-\subsubsection{ChatSecure}
+\paragraph{ChatSecure}
ChatSecure~\cite{chatsecure} is an open source iOS app offering optional Tor
support that hides the device's IP address and allows messages to bypass
restrictive firewalls.
-\subsubsection{TorBirdy}
+\paragraph{TorBirdy}
TorBirdy~\cite{tor-birdy} is an extension for Thunderbird, a desktop email
client, that is developed and maintained by members of the Tor Project.
@@ -74,14 +74,14 @@ TorBirdy sends email from Thunderbird over the Tor network. This means that the
email servers a message passes through do not learn the user's IP address. It
also hides email metadata to protect users' privacy. TorBirdy is in beta.
-\subsection{Secure operating systems}
+\subsubsection{Secure operating systems}
Currently there are a number of Linux-based operating systems which aim to
provide anonymity and privacy to their users. These OSes send their internet traffic through the Tor network. These include Tails (The Amnesic Incognito Live System)~\cite{tails}, Whonix~\cite{whonix}, and Qubes~\cite{qubes}.
-\subsection{Monitoring tools}
+\subsubsection{Monitoring tools}
-\subsubsection{OONI Probe}
+\paragraph{OONI Probe}
OONI Probe~\cite{ooni-probe} is an app that runs on Mac OS X, Linux, Android,
and iOS that allows users to run tests to determine if their internet
@@ -89,7 +89,7 @@ connection is being censored or otherwise experiencing interference.
OONI is a Tor project that monitors and reports on
censorship around the world. See Section~\ref{ooni} for more information.
-\subsubsection{Haven}
+\paragraph{Haven}
Haven~\cite{haven} is an Android app that uses device sensors to monitor a
physical space. It detects motion, sound, vibration and light, and watches for
unexpected guests and intruders. It offers a Tor onion service feature that
@@ -97,18 +97,18 @@ allows the operator to connect to the device remotely and view its event
logs and
captured media. Haven is currently in beta.
-\subsection{File sharing}
+\subsubsection{File sharing}
There are a few applications currently available which allow anonymous file
sharing over the Tor network:
-\subsubsection{OnionShare}
+\paragraph{OnionShare}
OnionShare~\cite{onionshare} is a desktop app that allows users to send files to
one another over the Tor network. This prevents observers from seeing who is
sending and receiving the files.
-\subsubsection{GlobaLeaks}
+\paragraph{GlobaLeaks}
GlobaLeaks~\cite{globaleaks} is software that enables people and organizations
to set up their own secure, anonymous whistleblower platforms. When a user
@@ -120,7 +120,7 @@ There are a wide variety of GlobaLeaks deployments around the world for
purposes such as investigative journalism, anti-corruption activism,
transparency activism, and anti-crime activism.
-\subsubsection{SecureDrop}
+\paragraph{SecureDrop}
SecureDrop~\cite{securedrop} is server software that allows whistleblowers to
send files anonymously and securely to journalists. It functions as a Tor onion
@@ -129,7 +129,7 @@ Over the past few years, it has become very common for major news organizations
to deploy SecureDrop. The New York Times, The Associated Press, The Guardian,
and ProPublica are just a few of the organizations that use SecureDrop.
-\subsubsection{OpenArchive}
+\paragraph{OpenArchive}
OpenArchive is a new app for Android for uploading and sharing media, including
video. It sends its traffic over the Tor network to the Internet Archive and
@@ -137,7 +137,7 @@ other archives. OpenArchive looks promising, but we need to examine whether
Open Archive solves the problems that actual users have and assess its
usability at accomplishing these goals.
-\section{Applications for users under censorship}
+\subsection{Applications for users under censorship}
We conducted a survey of the landscape of apps popular among users behind
censorship, and thought about how we can serve those users, considering both
@@ -271,14 +271,14 @@ work with Tor for users in China?''
%\end{itemize}
%
%
-%\subsection{TenCent apps and services}
+%\subsubsection{TenCent apps and services}
%
-%\subsubsection{WeChat}
+%\paragraph{WeChat}
%
%"Weixin/WeChat reached more than 938 million monthly active user accounts as of
%the first quarter of 2017."~\cite{tencent-social}
%
-%\subsubsection{QQ}
+%\paragraph{QQ}
%
%QQ is an instant messaging app potentially aimed at younger users, complete
%with comics, games, and a payment service built in.
@@ -287,7 +287,7 @@ work with Tor for users in China?''
%accounts and more than 266 million people were using QQ
%simultaneously."~\cite{tencent-social}
%
-%\subsubsection{QZone}
+%\paragraph{QZone}
%
%Qzone is a social media platform. It allows image and video upload, live
%streaming, games, blog posts, etc. Might be an important focus later on, given
@@ -297,21 +297,21 @@ work with Tor for users in China?''
%of 2 trillion photos.As of the first quarter of 2017, Qzone had 632 million
%monthly active user accounts."~\cite{tencent-social}.
%
-%\subsubsection{China Reading Limited (Tencent Literature)}
+%\paragraph{China Reading Limited (Tencent Literature)}
%
%"China Reading Limited brings the full integration of online and traditional
%literary works to one platform."\cite{tencent-social}
%
-%\subsubsection{QQ Music}
+%\paragraph{QQ Music}
%
%QQ Music is a music streaming service.\cite{tencent-social}
%
-%\subsubsection{Penguin e-sports}
+%\paragraph{Penguin e-sports}
%
%Penguin e-sports is a mobile live-streaming service for e-sports, similar to
%Twitch.\cite{tencent-social}
%
-%\subsubsection{NOW Live}
+%\paragraph{NOW Live}
%
%NOW Live is a video live-streaming platform.\cite{tencent-social}
%
diff --git a/2018/sponsor19/report1/tortechrep.cls b/2018/sponsor19/report1/tortechrep.cls
new file mode 120000
index 0000000..ce75af9
--- /dev/null
+++ b/2018/sponsor19/report1/tortechrep.cls
@@ -0,0 +1 @@
+../../../tortechrep.cls
\ No newline at end of file
More information about the tor-commits
mailing list