Spying in the Dark: TCP and Tor Traffic Analysis

Authors: Yossi Gilad, Amir Herzberg

DOI: 10.1007/978-3-642-31680-7_6

Abstract: We show how to exploit side-channels to identify clients without eavesdropping on the communication to the server, and without relying on known, distinguishable traffic patterns. We present different attacks, utilizing different side-channels, for two scenarios: a fully off-path attack detecting TCP connections, and an attack detecting Tor connections by eavesdropping only on the clients. Our attacks exploit three types of side channels: globally-incrementing IP identifiers, used by some operating systems, e.g., in Windows; packet processing delays, which depend on TCP state; and bogus-congestion events, causing impact on TCP's throughput (via TCP's congestion control mechanism). Our attacks can (optionally) also benefit from sequential port allocation, e.g., deployed in Windows and Linux. The attacks are practical - we present results of experiments for all attacks in different network environments and scenarios. We also present countermeasures for these attacks.
