Researchers from Princeton University and the Swiss Federal Institutes of Technology Zurich have demonstrated the effectiveness of a suite of traffic analysis attacks that deanonymize Tor users. The team calls the suite Raptor attacks, and says they are composed of three individual attacks whose effects are compounded.
First, Raptor exploits the asymmetric nature of Internet routing, as the BGP path from a sender to a receiver can be different than the BGP path from the receiver to the sender. Raptor next exploits natural churn in Internet routing, in which BGP paths change over time due to link or router failures, the setup of new Internet links or peering relationships, or changes in autonomous system routing policies. Third, Raptor exploits the inherent insecurity of Internet routing, in which strategic adversaries can manipulate Internet routing via BGP hijack and interception attacks against the Tor network.
In tests against both historical BGP data and Traceroute data, and on the live Tor network, asymmetric traffic analysis attacks deanonymized users with 95-percent accuracy, and a BGP interception attack deanonymized Tor users with 90-percent accuracy.
The team also shared techniques to detect and prevent these attacks.
From Help Net Security
View Full Article
Abstracts Copyright © 2015 Information Inc., Bethesda, Maryland, USA
No entries found