Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization

Cited by: 109
Authors
Biryukov, Alex [1]
Pustogarov, Ivan [1]
Weinmann, Ralf-Philipp [1]
Affiliation
[1] Univ Luxembourg, Luxembourg, Luxembourg
Source
2013 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP) | 2013
Keywords
Tor; anonymity network; privacy; hidden services;
DOI
10.1109/SP.2013.15
Chinese Library Classification number
TP301 [Theory, Methods];
Discipline classification code
081202 ;
Abstract
Tor is the most popular volunteer-based anonymity network consisting of over 3000 volunteer-operated relays. Apart from making connections to servers hard to trace to their origin it can also provide receiver privacy for Internet services through a feature called "hidden services". In this paper we expose flaws both in the design and implementation of Tor's hidden services that allow an attacker to measure the popularity of arbitrary hidden services, take down hidden services and deanonymize hidden services. We give a practical evaluation of our techniques by studying: (1) a recent case of a botnet using Tor hidden services for command and control channels; (2) Silk Road, a hidden service used to sell drugs and other contraband; (3) the hidden service of the DuckDuckGo search engine.
Pages: 80 / 94
Page count: 15