Defending Tor from Network Adversaries: A Case Study of Network Path Prediction
This work addresses vulnerabilities in the Tor anonymity network for users seeking privacy, but it is incremental as it builds on existing path inference methods.
The study assessed the accuracy of network path prediction techniques in identifying threats to Tor from autonomous systems and Internet exchanges, finding that prediction errors impact security and that using predictions to avoid adversaries poses design challenges.
The Tor anonymity network has been shown vulnerable to traffic analysis attacks by autonomous systems and Internet exchanges, which can observe different overlay hops belonging to the same circuit. We aim to determine whether network path prediction techniques provide an accurate picture of the threat from such adversaries, and whether they can be used to avoid this threat. We perform a measurement study by running traceroutes from Tor relays to destinations around the Internet. We use the data to evaluate the accuracy of the autonomous systems and Internet exchanges that are predicted to appear on the path using state-of-the-art path inference techniques; we also consider the impact that prediction errors have on Tor security, and whether it is possible to produce a useful overestimate that does not miss important threats. Finally, we evaluate the possibility of using these predictions to actively avoid AS and IX adversaries and the challenges this creates for the design of Tor.