research-article

Out-of-band discovery and evaluation for tor hidden services

Authors:
Kang Li

Institute of Information Engineering, China and National Engineering Laboratory for Information Security Technologies, China and University of Chinese Academy of Sciences, China

Institute of Information Engineering, China and National Engineering Laboratory for Information Security Technologies, China and University of Chinese Academy of Sciences, China
View Profile

,
Peipeng Liu

National Computer Network Emergency Response Technical Team/Coordination Center, China and Graduated University, China

National Computer Network Emergency Response Technical Team/Coordination Center, China and Graduated University, China
View Profile

,
Qingfeng Tan

Institute of Information Engineering, China and National Engineering Laboratory for Information Security Technologies, China

Institute of Information Engineering, China and National Engineering Laboratory for Information Security Technologies, China
View Profile

,
Jinqiao Shi

Institute of Information Engineering, China and National Engineering Laboratory for Information Security Technologies, China

Institute of Information Engineering, China and National Engineering Laboratory for Information Security Technologies, China
View Profile

,
Yue Gao

Institute of Information Engineering, China and National Engineering Laboratory for Information Security Technologies, China and University of Chinese Academy of Sciences, China

Institute of Information Engineering, China and National Engineering Laboratory for Information Security Technologies, China and University of Chinese Academy of Sciences, China
View Profile

,
Xuebin Wang

Institute of Information Engineering, China and National Engineering Laboratory for Information Security Technologies, China

Institute of Information Engineering, China and National Engineering Laboratory for Information Security Technologies, China
View Profile

SAC '16: Proceedings of the 31st Annual ACM Symposium on Applied ComputingApril 2016Pages 2057–2062https://doi.org/10.1145/2851613.2851798

Published:04 April 2016Publication History

SAC '16: Proceedings of the 31st Annual ACM Symposium on Applied Computing

Pages 2057–2062

ABSTRACT

Tor is one of the most well-known anonymity networks that provides anonymity to service providers such as hidden web services. Recently size and content of Tor hidden services are highly concerned because of emerging illegal content. It is necesary to have discovery and analysis approaches to collect and analyze Tor hidden services. Previous in-band approaches are mostly based on the protocol and design principles of Tor network, which mostly have a great deal of resource consumption. In this paper, we propose an out-of-band approach to discover Tor hidden services, which is simpler and owns less resource consumption: using multiple search engines with specific keywords. In our experiments we collected 173667 unique .onion addresses in all using a single Amazon EC2 instances in 1 hour and found 4857 hidden web services online. We also propose a modified PageRank algrithm: OnionRank Algorithm to evaluate the importance of hidden web services, which concentrates more on Tor users' actions. Results showed that the top-ranking hidden web services are mostly famous in Tor network.

References

Tor hidden service protocol. https://www.torproject.org/docs/hidden-services.html.en.Google Scholar
Tor metrics: Unique onion addresses. https://metrics.torproject.org/hidserv-dir-onions-seen.html.Google Scholar
Tor2web brings anonymous tor sites to the regular web. http://arstechnica.com/uncategorized/2008/12/tor2web-brings-anonymous-tor-sites-to-the-regular-web/.Google Scholar
Wikipedia, agroa. https://en.wikipedia.org/wiki/Agora.Google Scholar
Wikipedia, deepdotweb. https://en.wikipedia.org/wiki/DeepDotWeb.Google Scholar
Wikipedia, facebook. https://en.wikipedia.org/wiki/Facebook.Google Scholar
Wikipedia, ramp. https://en.wikipedia.org/wiki/Russian Anonymous Marketplace.Google Scholar
Wikipedia, the hidden wiki. https://en.wikipedia.org/wiki/The Hidden Wiki.Google Scholar
Wikipedia, tor2web. https://en.wikipedia.org/wiki/Tor2web.Google Scholar
A. Arasu, J. Cho, H. Garcia-Molina, A. Paepcke, and S. Raghavan. Searching the web. ACM Transactions on Internet Technology (TOIT), 1(1):2--43, 2001. Google ScholarDigital Library
A. Biryukov, I. Pustogarov, F. Thill, and R.-P. Weinmann. Content and popularity analysis of tor hidden services. In Distributed Computing Systems Workshops (ICDCSW), 2014 IEEE 34th International Conference on, pages 188--193. IEEE, 2014. Google ScholarDigital Library
A. Biryukov, I. Pustogarov, and R. Weinmann. Trawling for tor hidden services: Detection, measurement, deanonymization. In Security and Privacy (SP), 2013 IEEE Symposium on, pages 80--94. IEEE, 2013. Google ScholarDigital Library
D. L. Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, 24(2):84--90, 1981. Google ScholarDigital Library
R. Dingledine, N. Mathewson, and P. Syverson. Tor: The second-generation onion router. Technical report, DTIC Document, 2004.Google Scholar
D. Goulet, A. Johnson, G. Kadianakis, and K. Loesing. Hidden-service statistics reported by relays. Technical report, DTIC Document, 2015.Google Scholar
K. Loesing, W. Sandmann, C. Wilms, and G. Wirtz. Performance measurements and statistics of tor hidden services. In Applications and the Internet, 2008. SAINT 2008. International Symposium on, pages 1--7. IEEE, 2008. Google ScholarDigital Library
S. Matic, P. Kotzias, and J. Caballero. Caronte: Detecting location leaks for deanonymizing tor hidden services. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pages 1455--1466. ACM, 2015. Google ScholarDigital Library
S. J. Murdoch. Hot or not: Revealing hidden services by their clock skew. In Proceedings of the 13th ACM conference on Computer and communications security, pages 27--36. ACM, 2006. Google ScholarDigital Library
L. Øverlier and P. Syverson. Locating hidden servers. In Security and Privacy, 2006 IEEE Symposium on, pages 15--pp. IEEE, 2006. Google ScholarDigital Library
L. Øverlier and P. Syverson. Improving efficiency and simplicity of tor circuit establishment and hidden services. In Privacy Enhancing Technologies, pages 134--152. Springer, 2007. Google ScholarCross Ref
L. Page, S. Brin, R. Motwani, and T. Winograd. The pagerank citation ranking: bringing order to the web. 1999.Google Scholar
A. Panchenko, O. Spaniol, A. Egners, and T. Engel. Lightweight hidden services. In Trust, Security and Privacy in Computing and Communications (TrustCom), 2011 IEEE 10th International Conference on, pages 533--540. IEEE, 2011. Google ScholarDigital Library
M. Thomas and A. Mohaisen. Measuring the leakage of onion at the root.Google Scholar
S. Zander and S. J. Murdoch. An improved clock-skew measurement technique for revealing hidden services. In USENIX Security Symposium, pages 211--226, 2008. Google ScholarDigital Library

Index Terms

Out-of-band discovery and evaluation for tor hidden services
1. Security and privacy
  1. Systems security
    1. Distributed systems security

Recommendations

Spiders like Onions: on the Network of Tor Hidden Services
WWW '19: The World Wide Web Conference

Tor hidden services allow offering and accessing various Internet resources while guaranteeing a high degree of provider and user anonymity. So far, most research work on the Tor network aimed at discovering protocol vulnerabilities to de-anonymize ...
Read More
Detection and Analysis of Tor Onion Services
ARES '19: Proceedings of the 14th International Conference on Availability, Reliability and Security

Tor onion services can be accessed and hosted anonymously on the Tor network. We analyze the protocols, software types, popularity and uptime of these services by collecting a large amount of .onion addresses. Websites are crawled and clustered based on ...
Read More
Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization
SP '13: Proceedings of the 2013 IEEE Symposium on Security and Privacy

Tor is the most popular volunteer-based anonymity network consisting of over 3000 volunteer-operated relays. Apart from making connections to servers hard to trace to their origin it can also provide receiver privacy for Internet services through a ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
SAC '16: Proceedings of the 31st Annual ACM Symposium on Applied Computing
April 2016
2360 pages
ISBN:9781450337397
DOI:10.1145/2851613
Conference Chair:
Sascha Ossowski
University Rey Juan Carlos, Spain
Copyright © 2016 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 4 April 2016
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
PageRank
hidden services
search engines
tor
Qualifiers
- research-article
Conference

Acceptance Rates
SAC '16 Paper Acceptance Rate252of1,047submissions,24%Overall Acceptance Rate1,650of6,669submissions,25%
More
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 12
  Total Citations
  View Citations
- 268
  Total Downloads
- Downloads (Last 12 months)11
- Downloads (Last 6 weeks)3
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Out-of-band discovery and evaluation for tor hidden services

SAC '16: Proceedings of the 31st Annual ACM Symposium on Applied Computing

ABSTRACT

References

Cited By

Index Terms

Recommendations

Spiders like Onions: on the Network of Tor Hidden Services

Detection and Analysis of Tor Onion Services

Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization