[tor-talk] Defense against DDoS Attacks in Tor

IGNACIO GAGO PADRENY igago at ucm.es
Wed Nov 19 18:00:40 UTC 2014


I had read about slowloris before, but it was a HTTP DoS attack, don't know
what is the relation with Tor. About computational DDoS I have only read
about cell flood attack (2013) but it seems they propose a defense based on
puzzles. What i have not read anything about is DDoS attacks to hidden
services or rendezvouz points. If you could give me a little more
information i would really appreciate it.

2014-11-14 21:55 GMT+01:00 coderman <coderman at gmail.com>:

> On 11/13/14, IGNACIO GAGO PADRENY <igago at ucm.es> wrote:
> > ...
> > I am currently studying network security and I am focusing on defense
> > against DDoS attacks in Tor. I have read a few papers (replay attack,
> > sniper attack, etc.) but most of them are not recent.
>
> i assume you looked over http://freehaven.net/anonbib as well.
>
>
>
> > My aim is to develop
> > (theoretically or in practice) a defense but I would really appreciate if
> > you could tell me current attacks which have no defense or are the most
> > successful ones.
>
> DoS are all "successful", by some measure.
>
> ordered by hardness, consider:
>
>  0. application level, like slowloris or computational DoS. [ see
> torhs-pyloris-nov9.tgz on #8902 ]
>
>  1. hidden services in general, roles like HSDir or Rendz., high
> connection rates, stream isolation impacts. [ see list at
>
> https://blog.torproject.org/blog/thoughts-and-concerns-about-operation-onymous
> for enumeration of many known attacks ]
>
> 2. protocol issues, circuit extension attacks, shared gateways
> manipulation, predecessor attacks, etc.
>
> 3. high capacity relay performance issues, tuning, clogging, etc.
>
>
> messing with the fast relays most difficult. from there, considerably
> easier to deny service. a hard problem.  good luck! :)
>
> ( most don't even try to fix 0 or 1 at all... )
>
>
> best regards,
> --
> tor-talk mailing list - tor-talk at lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>


More information about the tor-talk mailing list