Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
PET
2007
Springer
2007
Springer
Browser-Based Attacks on Tor
This paper describes a new attack on the anonymity of web browsing with Tor. The attack tricks a user’s web browser into sending a distinctive signal over the Tor network that can be detected using traffic analysis. It is delivered by a malicious exit node using a man-in-themiddle attack on HTTP. Both the attack and the traffic analysis can be performed by an adversary with limited resources. While the attack can only succeed if the attacker controls one of the victim’s entry guards, the method reduces the time required for a traffic analysis attack on Tor from O(nk) to O(n + k), where n is the number of exit nodes and k is the number of entry guards. This paper presents techniques that exploit the Tor exit policy system to greatly simplify the traffic analysis. The fundamental vulnerability exposed by this paper is not specific to Tor but rather to the problem of anonymous web browsing itself. This paper also describes a related attack on users who toggle the use of Tor with the ...
Real-time TrafficRelated Content
| Added | 09 Jun 2010 |
| Updated | 09 Jun 2010 |
| Type | Conference |
| Year | 2007 |
| Where | PET |
| Authors | Timothy G. Abbott, Katherine J. Lai, Michael R. Lieberman, Eric C. Price |
Comments (0)
Researcher Info
|
