ABSTRACT
Tor is among the most used overlay networks for anonymous communication. This anonymity can be undermined via entry-exit and end-to-end attacks. Using Game Theory, we analyze the viability of several methods for reducing Tor's vulnerability to such attacks. Entry-exit attacks rely upon controlling entry and exit nodes -- internal elements within the Tor Network, while end-to-end attacks utilize Autonomous Systems (internet service providers), elements outside of the Tor Network. Because both types of attacks rely on probability, we use Monte Carlo simulation and model the success probability maximizing strategies of adversaries. We analyze changes to Tor's node selection strategy that decrease the success probability of such attacks. Our goal is to support anonymity preserving systems against large Autonomous Systems providers and attackers with plenty of resources. We build upon previous work, but we also test eliminating the exit node bandwidth threshold and decreasing asymmetric routing to make compromising anonymity less likely. Given our results, we suggest the abandonment of the bandwidth threshold of exit nodes. Abandoning this threshold would not affect the bandwidth of the Tor network much, while it would impair an attacker's success probability significantly. We show that an attackers' success probability can be lowered by 23% over a year of usage. While prior to our changes (and assuming a large fraction of compromised nodes), anonymity is preserved ~62% of the time over a year, implementing our changes increases anonymity preservation to 85%.
Index Terms
- A Game Theoretic Analysis of Improvements to Tor's Resilience to Entry-Exit and End-to-End Attacks
Recommendations
Protocol-level attacks against Tor
Tor is a real-world, circuit-based low-latency anonymous communication network, supporting TCP applications over the Internet. In this paper, we present an extensive study of protocol-level attacks against Tor. Different from existing attacks, the ...
A potential HTTP-based application-level attack against Tor
Tor has become one of the most popular overlay networks for anonymizing TCP traffic, however, the anonymity of Tor clients is threatened by various attacks exploiting traffic analysis or Tor's design features. Although considerable effort has been made ...
Low-resource routing attacks against tor
WPES '07: Proceedings of the 2007 ACM workshop on Privacy in electronic societyTor has become one of the most popular overlay networks for anonymizing TCP traffic. Its popularity is due in part to its perceived strong anonymity properties and its relatively low latency service. Low latency is achieved through Tor's ability to ...
Comments