Logo des Repositoriums
 
Konferenzbeitrag

Abusers don’t get Privacy. Sensitively Logging and Blocking Tor Abuse

Lade...
Vorschaubild

Volltext URI

Dokumententyp

Text/Conference Paper

Zusatzinformation

Datum

2020

Autor:innen

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Verlag

Gesellschaft für Informatik e.V.

Zusammenfassung

Tor has a significant problem with malicious traffic routed through Tor exit nodes. They create a credible reason for websites to discriminate against Tor users. The abuse also creates a strong disincentive to run exit nodes since the exit node operators have to deal with abuse messages and possible law enforcement interactions. We want to detect and mitigate the attacks that happen through Tor exit nodes without undermining Tor users’ anonymity and privacy. We use a modified version of the Tor exit node to enable NIDS (Network Intrusion Detection) monitoring and termination of malicious activity on a per-circuit level. We use the Zeek IDS (formerly Bro) to detect attacks using robust mechanisms that have very low false positive rates. Initial results indicate that, using our approach, the number of abuse cases can be reduced.

Beschreibung

Marx, Matthias (2020): Abusers don’t get Privacy. Sensitively Logging and Blocking Tor Abuse. SICHERHEIT 2020. DOI: 10.18420/sicherheit2020_16. Bonn: Gesellschaft für Informatik e.V.. PISSN: 1617-5468. ISBN: 978-3-88579-695-4. pp. 153-158. Doktorandenforum. Göttingen, Germany. 17.-20. März 2020

Zitierform

Tags