Logo des Repositoriums

Auflistung nach Schlagwort "Tor"

1 - 2 von 2
  • Konferenzbeitrag
    Abusers don’t get Privacy. Sensitively Logging and Blocking Tor Abuse
    (SICHERHEIT 2020, 2020) Marx, Matthias
    Tor has a significant problem with malicious traffic routed through Tor exit nodes. They create a credible reason for websites to discriminate against Tor users. The abuse also creates a strong disincentive to run exit nodes since the exit node operators have to deal with abuse messages and possible law enforcement interactions. We want to detect and mitigate the attacks that happen through Tor exit nodes without undermining Tor users’ anonymity and privacy. We use a modified version of the Tor exit node to enable NIDS (Network Intrusion Detection) monitoring and termination of malicious activity on a per-circuit level. We use the Zeek IDS (formerly Bro) to detect attacks using robust mechanisms that have very low false positive rates. Initial results indicate that, using our approach, the number of abuse cases can be reduced.
  • Konferenzbeitrag
    Analyzing PeerFlow – A Bandwidth Estimation System for Untrustworthy Environments
    (SICHERHEIT 2020, 2020) Mitseva, Asya; Engel, Thomas; Panchenko, Andriy
    Tor is the most popular low-latency anonymization network comprising over 7,000 nodes run by volunteers. To balance the user traffic load over the diverse resource capabilities of these nodes, Tor guides users to choose nodes in proportion to their available bandwidth. However, self-reported bandwidth values are not trustworthy. Recently, a new bandwidth measurement system, PeerFlow, has been proposed aiming to solve the Tor bandwidth estimation problem. In this work, we introduce the first practical analysis of PeerFlow. We proposed a set of strategies for the practical realization of probation periods in PeerFlow and showed that many Tor nodes cannot recover to their normal state after one measuring period. We also demonstrated that low-bandwidth adversaries gain significantly higher bandwidth estimates exceeding the theoretically defined security boundaries of PeerFlow.