Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization

Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization

Tor is the most popular volunteer-based anonymity network consisting of over 3000 volunteer-operated relays. Apart from making connections to servers hard to trace to their origin it can also provide receiver privacy for Internet services through a feature called "hidden services". In this...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Biryukov, A., Pustogarov, I., Weinmann, R.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
anonymity network
Bandwidth
hidden services
IP networks
Malware
Privacy
Relays
Servers
Tor
Web and internet services
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Tor is the most popular volunteer-based anonymity network consisting of over 3000 volunteer-operated relays. Apart from making connections to servers hard to trace to their origin it can also provide receiver privacy for Internet services through a feature called "hidden services". In this paper we expose flaws both in the design and implementation of Tor's hidden services that allow an attacker to measure the popularity of arbitrary hidden services, take down hidden services and deanonymize hidden services. We give a practical evaluation of our techniques by studying: (1) a recent case of a botnet using Tor hidden services for command and control channels; (2) Silk Road, a hidden service used to sell drugs and other contraband; (3) the hidden service of the DuckDuckGo search engine.
ISSN:1081-6011
2375-1207
DOI:10.1109/SP.2013.15