Abusing privacy infrastructures : case study of Tor

Sanatinia, Amirali

doi:10.17760/d20283799

Cited by 1 publication

(2 citation statements)

References 88 publications

(94 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This layered encryption ensures that each router knows the identities only of routers that are directly connected in the circuit. According to [15], to counter traffic correlation attacks, no two routers are chosen from the same family group to create a circuit. Sometimes, a bridge is introduced as a hidden entry router to resist censorship further.…”

Section: Background a Tormentioning

confidence: 99%

See 1 more Smart Citation

Tracing Website Attackers by Analyzing Onion Routers’ Log Files

Pei

Oida

2020

IEEE Access

View full text Add to dashboard Cite

The Onion Router (Tor) is one of the major network systems that provide anonymous communication and censorship circumvention. Tor enables its users to surf the Internet, chat, and send messages anonymously; however, cyber attackers also exploit the system for circumventing criminal activity detection. Recently, various approaches that prevent or mitigate abuse of Tor have been proposed in the literature. This paper, which presents one of the approaches, addresses an IP traceback problem. In our model, onion routers that voluntarily participate in attacker tracing detect attack packets (packets carrying attacker's code or data) recorded in the log files by sharing necessary information with an attacked server over an Ethereum blockchain network. The detection algorithm in this paper uses the statistics of packet travel and relay times and outputs attack-packet candidates. The proposed method attaches a reliability degree to each candidate, which is based on the upper bounds of its Type I and II error rates. A smart contract running on the blockchain network ranks the detection results from onion routers according to the reliability degrees.

show abstract

Section: Background a Tormentioning

confidence: 99%

“…Note thatT req andT res in Conditions 7 and are defined in (14) and (15). Conditions 1-6 are the same as those in Problem 1, except that T 1 and T 2 are replaced with T 1 and T 2 , respectively, and IP (client) and IP (middle) do not appear in Condition 3 (because they are in the client's log file).…”

Section: Detection Phasementioning

confidence: 99%