“…An attacker such as an LEA can obtain this information from the service providers via legal procedures. Iacovazzi et al [108] introduce an inverse flow watermarking attack called INFLOW to de-anonymise HSs. They argue that in previous watermarking attacks, the attack was only effective in tracking watermarks from source to destination, as a watermark only travels in the direction of the traffic flow.…”
Section: Hybridmentioning
confidence: 99%
“…Overdorf et al conclude that WF attacks are successful on HSs and certain HSs are more likely to be de-anonymised based on factors such as the size and the dynamics of the HS. The more recent watermark attacks on HSs [108], [109] are reported to be effective. These attacks exploit Tor's congestion control mechanism and, having been tested against more recent versions of Tor, present a major threat to the anonymity of HSs.…”
Anonymity networks are becoming increasingly popular in today's online world as more users attempt to safeguard their online privacy. Tor is currently the most popular anonymity network in use and provides anonymity to both users and services (hidden services). However, the anonymity provided by Tor is also being misused in various ways. Hosting illegal sites for selling drugs, hosting command and control servers for botnets, and distributing censored content are but a few such examples. As a result, various parties, including governments and law enforcement agencies, are interested in attacks that assist in de-anonymising the Tor network, disrupting its operations, and bypassing its censorship circumvention mechanisms. In this survey paper, we review known Tor attacks and identify current techniques for the de-anonymisation of Tor users and hidden services. We discuss these techniques and analyse the practicality of their execution method. We conclude by discussing improvements to the Tor framework that help prevent the surveyed de-anonymisation attacks.
“…An attacker such as an LEA can obtain this information from the service providers via legal procedures. Iacovazzi et al [108] introduce an inverse flow watermarking attack called INFLOW to de-anonymise HSs. They argue that in previous watermarking attacks, the attack was only effective in tracking watermarks from source to destination, as a watermark only travels in the direction of the traffic flow.…”
Section: Hybridmentioning
confidence: 99%
“…Overdorf et al conclude that WF attacks are successful on HSs and certain HSs are more likely to be de-anonymised based on factors such as the size and the dynamics of the HS. The more recent watermark attacks on HSs [108], [109] are reported to be effective. These attacks exploit Tor's congestion control mechanism and, having been tested against more recent versions of Tor, present a major threat to the anonymity of HSs.…”
Anonymity networks are becoming increasingly popular in today's online world as more users attempt to safeguard their online privacy. Tor is currently the most popular anonymity network in use and provides anonymity to both users and services (hidden services). However, the anonymity provided by Tor is also being misused in various ways. Hosting illegal sites for selling drugs, hosting command and control servers for botnets, and distributing censored content are but a few such examples. As a result, various parties, including governments and law enforcement agencies, are interested in attacks that assist in de-anonymising the Tor network, disrupting its operations, and bypassing its censorship circumvention mechanisms. In this survey paper, we review known Tor attacks and identify current techniques for the de-anonymisation of Tor users and hidden services. We discuss these techniques and analyse the practicality of their execution method. We conclude by discussing improvements to the Tor framework that help prevent the surveyed de-anonymisation attacks.
“…Another paper showing an attack based on the fact that it is possible to control the entry node is by [46] who mentions that Tor has a TCP/Tor congestion management mechanism. This mechanism causes a data source to stop sending messages, until it receives an acknowledgement of receipt of a previous message.…”
Anonymous communications networks were born to protect the privacy of our communications, preventing censorship and traffic analysis. The most famous anonymous communication network is Tor. This anonymous communication network provides some interesting features, among them, we can mention user’s IP location or Tor Hidden Services (THS) as a mechanism to conceal the location of servers, mainly, web servers. THS is an important research field in Tor. However, there is a lack of reviews that sump up main findings and research challenges. In this article we present a systematic literature review that aims to offer a comprehensive view on the research made on Tor Hidden services presenting the state of the art and the different research challenges to be addressed. This review has been developed from a selection of 57 articles and present main findings and advances regarding Tor Hidden Services, limitations found, and future issues to be investigated.
“…It only observes the communication process to infer the relationship between users. Active traffic analysis [11,12,16,18,20,28] is mainly to artificially interfere with the traffic, and to achieve neither the purpose of exposure nor the means of intervention. There are some typical digital watermark model, such as packet transmission rate based watermark, inter packet watermark and packet sending interval watermark.…”
Anonymous network is widely used to access the Internet, causing varieties of cyber security incidents because of its anonymity, which increasingly affects the security of cyberspace. How to detect anonymous network flow to position the anonymous users, is becoming to a research hotspot. However, with rapid development of the encryption and network technology, it is a nontrivial task to detect and position the anonymous user in such a complex network environment.In this paper, we design a prototype system called Watermark based Tor Cross-domain Tracking System that is effectively detects and determine the sender and the receiver on the real Tor network to testify its function. Moreover, instead of conventional passive network flow analysis, this paper learns from active network flow analysis to design three digital watermark models to implement the embedding, extracting and matching of watermark information, and meanwhile it will not affect the network flow's content and transmission. Experimental results on the real data sets show that when embedding the three watermark models on the sender, watermark based Tor cross-domain tracking system indeed yields the positioning function.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.