Identifying and Characterizing Sybils in the Tor Network
نویسندگان
چکیده
Being a volunteer-run, distributed anonymity network, Tor is vulnerable to Sybil attacks. Little is known about real-world Sybils in the Tor network, and we lack practical tools and methods to expose Sybil attacks. In this work, we develop sybilhunter, the first system for detecting Sybil relays based on their appearance, such as configuration; and behavior, such as uptime sequences. We used sybilhunter’s diverse analysis techniques to analyze nine years of archived Tor network data, providing us with new insights into the operation of real-world attackers. Our findings include diverse Sybils, ranging from botnets, to academic research, and relays that hijack Bitcoin transactions. Our work shows that existing Sybil defenses do not apply to Tor, it delivers insights into realworld attacks, and provides practical tools to uncover and characterize Sybils, making the network safer for its users.
منابع مشابه
Improving Tor security against timing and traffic analysis attacks with fair randomization
The Tor network is probably one of the most popular online anonymity systems in the world. It has been built based on the volunteer relays from all around the world. It has a strong scientific basis which is structured very well to work in low latency mode that makes it suitable for tasks such as web browsing. Despite the advantages, the low latency also makes Tor insecure against timing and tr...
متن کاملProtecting the Tor network from Sybil attacks Talk proposal
The Tor network is periodically subject to Sybil attacks. Most of these attacks were not carefully executed and Tor directory authority operators were quick to detect and block the malignant relays. However, the Tor network lacks sophisticated tools to detect and protect against Sybil attacks. As a result, more advanced attacks could remain undetected. While there is a large body of work dedica...
متن کاملDetecting Sybils in Peer-to-Peer File Replication Systems
The test of a peer-to-peer file sharing network is how efficiently the objects are discovered and retrieved. One of the most important factors that contribute towards this is optimal replication of the objects across the network. One of the security threats to replication model is Sybil attack. In this paper we propose an approach that aims at detecting sybil identities in peer-to-peer file sha...
متن کاملStructure-based Sybil Detection in Social Networks via Local Rule-based Propagation
Social networks are known to be vulnerable to the so-called Sybil attack, in which an attacker maintains massive Sybils and uses them to perform various malicious activities. Therefore, Sybil detection in social networks is a basic security research problem. Structure-based methods have been shown to be promising at detecting Sybils. Existing structure-based methods can be classified into two c...
متن کاملA Practical Congestion Attack on Tor Using Long Paths
In 2005, Murdoch and Danezis demonstrated the first practical congestion attack against a deployed anonymity network. They could identify which relays were on a target Tor user’s path by building paths one at a time through every Tor relay and introducing congestion. However, the original attack was performed on only 13 Tor relays on the nascent and lightly loaded Tor network. We show that the ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2016