Abstract
In August 2013, the Tor network experienced a sudden, drastic reduction in performance due to the Mevade/Sefnit botnet. This botnet ran its command and control server as a Tor hidden service, so that all infected nodes contacted the command and control through Tor. In this paper, we consider several protocol changes to protect Tor against future incidents of this nature, describing the research challenges that must be solved in order to evaluate and deploy each of these methods. In particular, we consider four technical approaches: resource-based throttling, guard node throttling, reuse of failed partial circuits, and hidden service circuit isolation.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Work done while on sabbatical with the Tor Project.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Naturally, finding the right number to use for this default rate is also an interesting research challenge: a very low rate-limit could prevent bots from flooding the network but might also disrupt legitimate hidden service clients.
- 2.
Detecting this condition in a privacy-preserving manner represents another technical challenge requiring further research.
References
Ahmad, A.S.E., Yan, J., Tayara, M.: The robustness of google CAPTCHAs. Technical report Computing Science Technical report CS-TR-1278, Newcastle University (2011)
Back, A., et al.: Hashcash-a denial of service counter-measure (2002)
Barbera, M.V., Kemerlis, V.P., Pappas, V., Keromytis, A.D.: CellFlood: attacking tor onion routers on the cheap. In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 664–681. Springer, Heidelberg (2013)
Biryukov, A., Pustogarov, I., Weinmann, R.P.: Content and popularity analysis of tor hidden services. arXiv [cs.CR], August 2013
Biryukov, A., Pustogarov, I., Weinmann, R.P.: Trawling for tor hidden services: detection, measurement, deanonymization. In: Proceedings of the 2013 IEEE Symposium on Security and Privacy, May 2013
Borisov, N., Danezis, G., Mittal, P., Tabriz, P.: Denial of service or denial of security? How attacks on reliability can compromise anonymity. In: Proceedings of CCS 2007, October 2007
Bursztein, E., Martin, M., Mitchell, J.: Text-based CAPTCHA strengths and weaknesses. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS ’11, pp. 125–138. ACM, New York (2011)
Goldberg, I., Stebila, D., Ustaoglu, B.: Anonymity and one-way authentication in key exchange protocols. Des. Codes Crypt. 67(2), 245–269 (2013)
Jansen, R., Hopper, N.: Shadow: running tor in a box for accurate and efficient experimentation. In: Proceedings of the Network and Distributed System Security Symposium - NDSS’12, Internet Society, February 2012
Jansen, R., Hopper, N., Kim, Y.: Recruiting new Tor relays with BRAIDS. In: Keromytis, A.D., Shmatikov, V. (eds.) Proceedings of the 2010 ACM Conference on Computer and Communications Security (CCS 2010), ACM, October 2010
Jones, D.W.: Chain voting. In: Workshop on Developing an Analysis of Threats to Voting Systems, National Institute of Standards and Technology (2005)
Reiter, M.K., Wang, X.-F., Wright, M.: Building reliable mix networks with fair exchange. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 378–392. Springer, Heidelberg (2005)
Acknowledgements
Thanks to Mike Perry, Ian Goldberg, Yoshi Kohno, and Roger Dingledine for helpful comments about the problems discussed in this paper. This work was supported by the U.S. National Science Foundation under grants 1111734 and 1314637 and DARPA.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 International Financial Cryptography Association
About this paper
Cite this paper
Hopper, N. (2014). Challenges in Protecting Tor Hidden Services from Botnet Abuse. In: Christin, N., Safavi-Naini, R. (eds) Financial Cryptography and Data Security. FC 2014. Lecture Notes in Computer Science(), vol 8437. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-45472-5_21
Download citation
DOI: https://doi.org/10.1007/978-3-662-45472-5_21
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-45471-8
Online ISBN: 978-3-662-45472-5
eBook Packages: Computer ScienceComputer Science (R0)