[tor-talk] RAPTOR: Routing Attacks on Privacy in Tor

Kevin kevinsisco61784 at gmail.com
Tue Mar 17 01:09:36 UTC 2015


On 3/16/2015 7:26 PM, grarpamp wrote:
> http://arxiv.org/abs/1503.03940
>
> Yixin Sun, Anne Edmundson, Laurent Vanbever, Oscar Li, Jennifer
> Rexford, Mung Chiang, Prateek Mittal
> (Submitted on 13 Mar 2015)
>
> The Tor network is a widely used system for anonymous communication.
> However, Tor is known to be vulnerable to attackers who can observe
> traffic at both ends of the communication path. In this paper, we show
> that prior attacks are just the tip of the iceberg. We present a suite
> of new attacks, called Raptor, that can be launched by Autonomous
> Systems (ASes) to compromise user anonymity. First, AS-level
> adversaries can exploit the asymmetric nature of Internet routing to
> increase the chance of observing at least one direction of user
> traffic at both ends of the communication. Second, AS-level
> adversaries can exploit natural churn in Internet routing to lie on
> the BGP paths for more users over time. Third, strategic adversaries
> can manipulate Internet routing via BGP hijacks (to discover the users
> using specific Tor guard nodes) and interceptions (to perform traffic
> analysis). We demonstrate the feasibility of Raptor attacks by
> analyzing historical BGP data and Traceroute data as well as
> performing real-world attacks on the live Tor network, while ensuring
> that we do not harm real users. In addition, we outline the design of
> two monitoring frameworks to counter these attacks: BGP monitoring to
> detect control-plane attacks, and Traceroute monitoring to detect
> data-plane anomalies. Overall, our work motivates the design of
> anonymity systems that are aware of the dynamics of Internet routing.
If such attacks are network wide, is there anything the end-user can do 
to keep themselves safe?  Does tor need special configuration?


---
This email is free from viruses and malware because avast! Antivirus protection is active.
http://www.avast.com



More information about the tor-talk mailing list