[tor-talk] Defense against DDoS Attacks in Tor
IGNACIO GAGO PADRENY
igago at ucm.es
Wed Nov 19 18:00:40 UTC 2014
I had read about slowloris before, but it was a HTTP DoS attack, don't know
what is the relation with Tor. About computational DDoS I have only read
about cell flood attack (2013) but it seems they propose a defense based on
puzzles. What i have not read anything about is DDoS attacks to hidden
services or rendezvouz points. If you could give me a little more
information i would really appreciate it.
2014-11-14 21:55 GMT+01:00 coderman <coderman at gmail.com>:
> On 11/13/14, IGNACIO GAGO PADRENY <igago at ucm.es> wrote:
> > ...
> > I am currently studying network security and I am focusing on defense
> > against DDoS attacks in Tor. I have read a few papers (replay attack,
> > sniper attack, etc.) but most of them are not recent.
> i assume you looked over http://freehaven.net/anonbib as well.
> > My aim is to develop
> > (theoretically or in practice) a defense but I would really appreciate if
> > you could tell me current attacks which have no defense or are the most
> > successful ones.
> DoS are all "successful", by some measure.
> ordered by hardness, consider:
> 0. application level, like slowloris or computational DoS. [ see
> torhs-pyloris-nov9.tgz on #8902 ]
> 1. hidden services in general, roles like HSDir or Rendz., high
> connection rates, stream isolation impacts. [ see list at
> for enumeration of many known attacks ]
> 2. protocol issues, circuit extension attacks, shared gateways
> manipulation, predecessor attacks, etc.
> 3. high capacity relay performance issues, tuning, clogging, etc.
> messing with the fast relays most difficult. from there, considerably
> easier to deny service. a hard problem. good luck! :)
> ( most don't even try to fix 0 or 1 at all... )
> best regards,
> tor-talk mailing list - tor-talk at lists.torproject.org
> To unsubscribe or change other settings go to
More information about the tor-talk