ABSTRACT
Tor is one of the most well-known anonymity networks that provides anonymity to service providers such as hidden web services. Recently size and content of Tor hidden services are highly concerned because of emerging illegal content. It is necesary to have discovery and analysis approaches to collect and analyze Tor hidden services. Previous in-band approaches are mostly based on the protocol and design principles of Tor network, which mostly have a great deal of resource consumption. In this paper, we propose an out-of-band approach to discover Tor hidden services, which is simpler and owns less resource consumption: using multiple search engines with specific keywords. In our experiments we collected 173667 unique .onion addresses in all using a single Amazon EC2 instances in 1 hour and found 4857 hidden web services online. We also propose a modified PageRank algrithm: OnionRank Algorithm to evaluate the importance of hidden web services, which concentrates more on Tor users' actions. Results showed that the top-ranking hidden web services are mostly famous in Tor network.
- Tor hidden service protocol. https://www.torproject.org/docs/hidden-services.html.en.Google Scholar
- Tor metrics: Unique onion addresses. https://metrics.torproject.org/hidserv-dir-onions-seen.html.Google Scholar
- Tor2web brings anonymous tor sites to the regular web. http://arstechnica.com/uncategorized/2008/12/tor2web-brings-anonymous-tor-sites-to-the-regular-web/.Google Scholar
- Wikipedia, agroa. https://en.wikipedia.org/wiki/Agora.Google Scholar
- Wikipedia, deepdotweb. https://en.wikipedia.org/wiki/DeepDotWeb.Google Scholar
- Wikipedia, facebook. https://en.wikipedia.org/wiki/Facebook.Google Scholar
- Wikipedia, ramp. https://en.wikipedia.org/wiki/Russian Anonymous Marketplace.Google Scholar
- Wikipedia, the hidden wiki. https://en.wikipedia.org/wiki/The Hidden Wiki.Google Scholar
- Wikipedia, tor2web. https://en.wikipedia.org/wiki/Tor2web.Google Scholar
- A. Arasu, J. Cho, H. Garcia-Molina, A. Paepcke, and S. Raghavan. Searching the web. ACM Transactions on Internet Technology (TOIT), 1(1):2--43, 2001. Google ScholarDigital Library
- A. Biryukov, I. Pustogarov, F. Thill, and R.-P. Weinmann. Content and popularity analysis of tor hidden services. In Distributed Computing Systems Workshops (ICDCSW), 2014 IEEE 34th International Conference on, pages 188--193. IEEE, 2014. Google ScholarDigital Library
- A. Biryukov, I. Pustogarov, and R. Weinmann. Trawling for tor hidden services: Detection, measurement, deanonymization. In Security and Privacy (SP), 2013 IEEE Symposium on, pages 80--94. IEEE, 2013. Google ScholarDigital Library
- D. L. Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, 24(2):84--90, 1981. Google ScholarDigital Library
- R. Dingledine, N. Mathewson, and P. Syverson. Tor: The second-generation onion router. Technical report, DTIC Document, 2004.Google Scholar
- D. Goulet, A. Johnson, G. Kadianakis, and K. Loesing. Hidden-service statistics reported by relays. Technical report, DTIC Document, 2015.Google Scholar
- K. Loesing, W. Sandmann, C. Wilms, and G. Wirtz. Performance measurements and statistics of tor hidden services. In Applications and the Internet, 2008. SAINT 2008. International Symposium on, pages 1--7. IEEE, 2008. Google ScholarDigital Library
- S. Matic, P. Kotzias, and J. Caballero. Caronte: Detecting location leaks for deanonymizing tor hidden services. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pages 1455--1466. ACM, 2015. Google ScholarDigital Library
- S. J. Murdoch. Hot or not: Revealing hidden services by their clock skew. In Proceedings of the 13th ACM conference on Computer and communications security, pages 27--36. ACM, 2006. Google ScholarDigital Library
- L. Øverlier and P. Syverson. Locating hidden servers. In Security and Privacy, 2006 IEEE Symposium on, pages 15--pp. IEEE, 2006. Google ScholarDigital Library
- L. Øverlier and P. Syverson. Improving efficiency and simplicity of tor circuit establishment and hidden services. In Privacy Enhancing Technologies, pages 134--152. Springer, 2007. Google ScholarCross Ref
- L. Page, S. Brin, R. Motwani, and T. Winograd. The pagerank citation ranking: bringing order to the web. 1999.Google Scholar
- A. Panchenko, O. Spaniol, A. Egners, and T. Engel. Lightweight hidden services. In Trust, Security and Privacy in Computing and Communications (TrustCom), 2011 IEEE 10th International Conference on, pages 533--540. IEEE, 2011. Google ScholarDigital Library
- M. Thomas and A. Mohaisen. Measuring the leakage of onion at the root.Google Scholar
- S. Zander and S. J. Murdoch. An improved clock-skew measurement technique for revealing hidden services. In USENIX Security Symposium, pages 211--226, 2008. Google ScholarDigital Library
Index Terms
- Out-of-band discovery and evaluation for tor hidden services
Recommendations
Spiders like Onions: on the Network of Tor Hidden Services
WWW '19: The World Wide Web ConferenceTor hidden services allow offering and accessing various Internet resources while guaranteeing a high degree of provider and user anonymity. So far, most research work on the Tor network aimed at discovering protocol vulnerabilities to de-anonymize ...
Detection and Analysis of Tor Onion Services
ARES '19: Proceedings of the 14th International Conference on Availability, Reliability and SecurityTor onion services can be accessed and hosted anonymously on the Tor network. We analyze the protocols, software types, popularity and uptime of these services by collecting a large amount of .onion addresses. Websites are crawled and clustered based on ...
Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization
SP '13: Proceedings of the 2013 IEEE Symposium on Security and PrivacyTor is the most popular volunteer-based anonymity network consisting of over 3000 volunteer-operated relays. Apart from making connections to servers hard to trace to their origin it can also provide receiver privacy for Internet services through a ...
Comments