on traffic analysis in tor
DESCRIPTION
On Traffic Analysis in Tor. Guest Lecture, ELE 574 Communications Security and Privacy Princeton University April 3 rd , 2014. Dr. Rob Jansen U.S. Naval Research Laboratory [email protected]. Anonymity with Tor. www.t orproject.org. Internet overlay network. Anonymity with Tor. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/1.jpg)
On Traffic Analysis in Tor
Guest Lecture, ELE 574Communications Security and Privacy
Princeton UniversityApril 3rd, 2014
Dr. Rob JansenU.S. Naval Research [email protected]
![Page 2: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/2.jpg)
Anonymity with Tor
www.torproject.org
Internet overlay network
![Page 3: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/3.jpg)
Anonymity with Tor
~1 million daily users, ~5000 relays
Low latency system
![Page 4: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/4.jpg)
Traffic Correlation
![Page 5: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/5.jpg)
Traffic Correlation
![Page 6: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/6.jpg)
Traffic Correlation
![Page 7: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/7.jpg)
Traffic Correlation
![Page 8: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/8.jpg)
Traffic Correlation
![Page 9: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/9.jpg)
Traffic Correlation
The biggest threat to Tor’s anonymity
![Page 10: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/10.jpg)
Traffic Correlation
The biggest threat to Tor’s anonymity
• Is traffic correlation realistic?
• Who might be in these positions?
• Would a nation-state be willing to launch correlation attacks?
![Page 11: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/11.jpg)
Anonymity with Onion Routing
![Page 12: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/12.jpg)
Traffic Correlation
Entry,a.k.a. guard
Middle Exit
![Page 13: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/13.jpg)
Traffic Correlation
Clients are ‘locked in’ to guard relays
Entry,a.k.a. guard
Middle Exit
![Page 14: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/14.jpg)
Traffic Correlation
Entry,a.k.a. guard
Middle Exit
Exit relays support various
exit policies
![Page 15: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/15.jpg)
Traffic Correlation
![Page 16: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/16.jpg)
Traffic Correlation
![Page 17: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/17.jpg)
Traffic Correlation
• How does the volunteer resource model affect the vulnerability to correlation attacks?
![Page 18: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/18.jpg)
Outline
● Background● Security against correlation (end-to-end)
– Metrics and methodology– Node adversaries– Link adversaries
● Correlation attacks (partial)– Stealthy throughput– Induced throttling
● Traffic admission control● Congestion control
![Page 19: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/19.jpg)
Traffic Correlation
• How can one measure how vulnerable real clients on the real network are to traffic correlation?
![Page 20: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/20.jpg)
Traffic Correlation
• Is there a difference between targeted correlation and general surveillance?
![Page 21: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/21.jpg)
Security Metrics
Principles● Probability distribution● Measured on human timescales● Based on real network and adversaries
![Page 22: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/22.jpg)
Security Metrics
Principles● Probability distribution● Measured on human timescales● Based on real network and adversariesMetrics (Probability distributions)● Time until first path compromise● Number of path compromises for a given
user over given time period
![Page 23: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/23.jpg)
Approach: Overview
User Profiles
PathSimulator
Tor Network Data
Attack Analysis
PS
![Page 24: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/24.jpg)
Approach: User Profiles
Build a 20-minute trace of each activity.
Capture destinations/ports
visited
Gmail/GChat
GCal/GDocs
Web search
IRC BitTorrent
Typical Chat File Sharing
Consider how users actually use Tor
![Page 25: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/25.jpg)
Approach: User Profiles
“Replay” traces to generate streams based on user behavior
Typical Chat File Sharing
• 2632 traces per week
• 205 destinations• 2 ports
• 135 traces per week
• 1 destinations• 1 port
• 6768 traces per week
• 171 destinations• 118 ports
![Page 26: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/26.jpg)
Approach: User Profiles
“Replay” traces to generate streams based on user behavior
Typical Chat File Sharing
• 2632 traces per week
• 205 destinations• 2 ports
• 135 traces per week
• 1 destinations• 1 port
• 6768 traces per week
• 171 destinations• 118 ports
• Is the user model accurate?• What are the challenges?
![Page 27: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/27.jpg)
User Behavior Affects Relay Selection
Port 443HTTPS
Permitted by 93% of exits measured by bandwidth
BAD GOOD
Port 6523Gobby Collaborative Editor
Permitted by 20% of exits measured by bandwidth
Some applications are not well-supportedby Tor due to exit policies
![Page 28: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/28.jpg)
Approach: Tor Network DataConsider the Tor network as it changes over a long period of time:
• Relays join and leave• Bandwidth changes• Exit/Guard designations change
Hourly consensuses
Monthly server descriptors
Use Tor Project archives to obtain state of network over 3
to 6 months
![Page 29: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/29.jpg)
Combine User and Tor Network models using TorPS to produce the circuits Tor would use
PS
• Re-implements path selection • Based on Tor stable version (0.2.3.25)• Considers:
• Bandwidth weighting• Exit policies• Guards and guard rotation• Hibernation• /16 and family conflicts
• Omits effects of network performance
Tor Network Data & User Profiles
Generated Tor circuits
Approach: Simulate Tor with TorPS
![Page 30: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/30.jpg)
Approach: Overview
User Profiles
PathSimulator
Tor Network Data
Attack Analysis
PS
![Page 31: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/31.jpg)
Outline
● Background● Security against correlation (end-to-end)
– Metrics and methodology– Node adversaries– Link adversaries
● Correlation attacks (partial)– Stealthy throughput– Induced throttling
● Traffic admission control● Congestion control
![Page 32: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/32.jpg)
Node Adversary
![Page 33: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/33.jpg)
Node Adversary
Controls a fixed allotment of relays based on bandwidth budget
• We assume adversary has 100 MiB/s – comparable to large family of relays
• Adversaries apply 5/6th of bandwidth to guard relays and the rest to exit relays. (We found this to be the most effective allocation we tested.)
![Page 34: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/34.jpg)
Node Adversary
Controls a fixed allotment of relays based on bandwidth budget
• We assume adversary has 100 MiB/s – comparable to large family of relays
• Adversaries apply 5/6th of bandwidth to guard relays and the rest to exit relays. (We found this to be the most effective allocation we tested.)
• Is 100 MiB/s realistic for an adversary?
![Page 35: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/35.jpg)
October 2012 – March 2013
50% of clients use a compromised circuit in less than 70 days
Time to First Compromised Circuit
![Page 36: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/36.jpg)
Fraction of Compromised Streams
User behavior significantly affects
anonymity
October 2012 – March 2013
![Page 37: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/37.jpg)
Outline
● Background● Security against correlation (end-to-end)
– Metrics and methodology– Node adversaries– Link adversaries
● Correlation attacks (partial)– Stealthy throughput– Induced throttling
● Traffic admission control● Congestion control
![Page 38: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/38.jpg)
AS1 AS2 AS3 AS4 AS5
AS9
AS8
AS7AS6
Network Adversary
![Page 39: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/39.jpg)
AS1 AS2 AS3 AS4 AS5
AS9
AS8
AS7AS6
Network Adversary Autonomous Systems (ASes)
![Page 40: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/40.jpg)
AS1 AS2 AS3 AS4 AS5
AS9
AS8
AS7AS6
Network AdversaryInternet
Exchange Points (IXPs)
![Page 41: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/41.jpg)
AS1 AS2 AS3 AS4 AS5
AS9
AS8
AS7AS6
• Adversary has fixed location• Adversary may control multiple entitites
Network Adversary
![Page 42: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/42.jpg)
AS1 AS2 AS3 AS4 AS5
AS9
AS8
AS7AS6
• Adversary has fixed location• Adversary may control multiple entitites
Network Adversary
• Should most users be concerned with a network adversary?
![Page 43: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/43.jpg)
Simulating a Network Adversary
1 44
112
23
Build AS-level Graph
(CAIDA)
![Page 44: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/44.jpg)
Simulating a Network Adversary
1 44
112
23
Build AS-level Graph
(CAIDA)
Place points of interest
(Maxmind, traces)
![Page 45: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/45.jpg)
Simulating a Network Adversary
1 44
112
23
Build AS-level Graph
(CAIDA)
Place points of interest
(Maxmind, traces)
Find AS-level routes
(Gao’02, CAIDA)
![Page 46: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/46.jpg)
Selecting Network Adversaries
1. Rank each AS/IXP for each client location by frequency on entry or exit paths;
2. Exclude src/dst ASes (compromises nearly all paths); and
3. Assign adversary to top k ASes or IXPs
![Page 47: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/47.jpg)
January 2013 – March 2013
Location matters.
Adversary Controls One AS
“best”/“worst” denote most/least
secure client
![Page 48: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/48.jpg)
January 2013 – March 2013
Adversary Controls One IXP Organization
“best”/“worst” denote most/least
secure client
![Page 49: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/49.jpg)
January 2013 – March 2013
Adversary Controls One IXP Organization
“best”/“worst” denote most/least
secure client• How can a user determine their
safety? How can they become safer?
![Page 50: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/50.jpg)
Traffic Correlation
• What if the adversary only controls one of the ends?
![Page 51: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/51.jpg)
Outline
● Background● Security against correlation (end-to-end)
– Metrics and methodology– Node adversaries– Link adversaries
● Correlation attacks (partial)– Stealthy throughput– Induced throttling
● Traffic admission control● Congestion control
![Page 52: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/52.jpg)
Traffic Correlation: Throughput
Mittal et.al. CCS’11
Adversary runs malicious exit
![Page 53: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/53.jpg)
Traffic Correlation: Throughput
Mittal et.al. CCS’11
Client downloads through circuit
![Page 54: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/54.jpg)
Traffic Correlation: Throughput
Mittal et.al. CCS’11
Probes download through all guards
![Page 55: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/55.jpg)
Traffic Correlation: Throughput
Mittal et.al. CCS’11
Correlate change in throughput at exit
with change in throughput at probes
![Page 56: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/56.jpg)
Traffic Correlation: Throughput
Mittal et.al. CCS’11
Correlate change in throughput at exit
with change in throughput at probes
• How is this attack “stealthy”?
![Page 57: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/57.jpg)
Outline
● Background● Security against correlation (end-to-end)
– Metrics and methodology– Node adversaries– Link adversaries
● Correlation attacks (partial)– Stealthy throughput– Induced throttling
● Traffic admission control● Congestion control
![Page 58: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/58.jpg)
Tor != Internet
● Specialized Tor performance enhancements– Reducing load: traffic admission control– Reducing load, improving utilization: congestion control
![Page 59: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/59.jpg)
Traffic Admission Control
![Page 60: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/60.jpg)
Traffic Admission Control
• Which connections?• At what rate?
![Page 61: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/61.jpg)
Traffic Admission Control
• Which connections?• At what rate?
Sybilattack!
![Page 62: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/62.jpg)
Traffic Admission Control
![Page 63: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/63.jpg)
Traffic Admission Control
• Sybil attack (connect only)
Geddes et.al. PETS’13
![Page 64: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/64.jpg)
Traffic Admission Control
Throughput drops to throttle rate Geddes et.al.
PETS’13
![Page 65: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/65.jpg)
Traffic Admission Control
• Disconnect sybils
Geddes et.al. PETS’13
![Page 66: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/66.jpg)
Traffic Admission Control
Throughput increases Geddes et.al.
PETS’13
![Page 67: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/67.jpg)
Traffic Admission Control
Throughput increases Geddes et.al.
PETS’13
• Is this attack “stealthy”?
![Page 68: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/68.jpg)
Induced Throttling Prototypebitsplit flag
threshold
Geddes et.al. PETS’13
![Page 69: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/69.jpg)
Tor != Internet
● Specialized Tor performance enhancements– Reducing load: traffic admission control– Reducing load, improving utilization: congestion control
![Page 70: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/70.jpg)
Congestion Control
50 cells (max 500)
![Page 71: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/71.jpg)
Congestion Control
SENDME
50 cells (max 500)
![Page 72: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/72.jpg)
Congestion Control
500 cells
Geddes et.al. PETS’13
![Page 73: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/73.jpg)
Congestion Control
500 cells
Throughput drops to 0 Geddes et.al.
PETS’13
![Page 74: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/74.jpg)
Congestion Control
500 cells
SENDME
Geddes et.al. PETS’13
![Page 75: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/75.jpg)
Congestion Control
500 cells
SENDME
Throughput increases Geddes et.al.
PETS’13
![Page 76: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/76.jpg)
Congestion Control
500 cells
SENDME
Throughput increases Geddes et.al.
PETS’13
• Is this attack “stealthy”?
![Page 77: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/77.jpg)
Induced Throttling Prototype
Geddes et.al. PETS’13
![Page 78: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/78.jpg)
Induced Throttling Results
Raw throughput
Smoothed throughput
Geddes et.al. PETS’13
![Page 79: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/79.jpg)
Outline
● Background● Security against correlation (end-to-end)
– Metrics and methodology– Node adversaries– Link adversaries
● Correlation attacks (partial)– Stealthy throughput– Induced throttling
● Traffic admission control● Congestion control
![Page 80: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/80.jpg)
Traffic Correlation
• How might we defend against ALL traffic correlation attacks?
![Page 82: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/82.jpg)
Conclusion
● Presented a realistic and comprehensive analysis of Tor’s security against traffic correlation
● User behavior/location heavily affects anonymity against realistic adversaries
● An adversary with 100 MiB/s of bandwidth has a >50% probability of de-anonymizing the average Tor user within 3 months
● Open Questions:– Does the current Tor guard rotation period hurt anonymity?– Are there ways to select relays that can avoid adversaries?
82
![Page 83: On Traffic Analysis in Tor](https://reader036.vdocuments.us/reader036/viewer/2022062302/5681641e550346895dd5dccb/html5/thumbnails/83.jpg)
Tor is Efficient: ~65% Utilization