Waterfilling: Balancing the Tor network with maximum diversity
This work addresses security vulnerabilities in the Tor network for users seeking anonymity, though it appears incremental as it builds on existing circuit selection methods.
The paper tackles traffic correlation attacks in the Tor network by introducing the Waterfilling circuit selection method, which balances network load across the endpoints of user paths. Simulations with the TorPS and Shadow tools show that this increases the number of adversary-controlled nodes needed for a successful attack while slightly reducing the required bandwidth.
We present the Waterfilling circuit selection method, which we designed in order to mitigate the risks of a successful end-to-end traffic correlation attack. Waterfilling proceeds by balancing the Tor network load as evenly as possible on endpoints of user paths. We simulate the use of Waterfilling using the TorPS and Shadow tools. Applying several security metrics, we show that the adoption of Waterfilling considerably increases the number of nodes that an adversary needs to control in order to be able to mount a successful attack, while somewhat decreasing the minimum amount of bandwidth required to do so. Moreover, we evaluate Waterfilling in Shadow and show that it does not significantly impact the performance of the network. Furthermore, Waterfilling reduces the benefits that an attacker could obtain by hacking into a top-bandwidth Tor relay, hence limiting the risks raised by such relays.
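The balancing idea in the abstract, as an added example that is not the paper's or the Tor Project's code. It assumes a simplified model with a single endpoint position, where each relay's endpoint bandwidth is capped at a common "water level" and the adversary compromises existing relays; the function names and relay bandwidths are constructed for illustration.

```python
def water_level(bandwidths, endpoint_total):
    """Return the level L such that sum(min(b, L) for b in bandwidths) == endpoint_total."""
    bws = sorted(bandwidths)
    if not 0 < endpoint_total <= sum(bws):
        raise ValueError("endpoint_total must be in (0, total bandwidth]")
    remaining = endpoint_total
    n = len(bws)
    for i, b in enumerate(bws):
        # Relays below the level contribute all of their bandwidth; the
        # n - i relays from this one upward share what is still unassigned.
        if b * (n - i) >= remaining:
            return remaining / (n - i)
        remaining -= b
    return bws[-1]


def waterfilled(bandwidths, endpoint_total):
    """Endpoint bandwidth per relay when load is spread as evenly as possible."""
    level = water_level(bandwidths, endpoint_total)
    return [min(b, level) for b in bandwidths]


def proportional(bandwidths, endpoint_total):
    """Baseline: every relay gives the same fraction of its bandwidth to endpoints."""
    scale = endpoint_total / sum(bandwidths)
    return [b * scale for b in bandwidths]


def relays_needed(endpoint_bw, fraction):
    """Fewest relays (largest first) covering `fraction` of endpoint selection weight."""
    target = fraction * sum(endpoint_bw)
    covered = 0.0
    for count, bw in enumerate(sorted(endpoint_bw, reverse=True), start=1):
        covered += bw
        if covered >= target - 1e-9:
            return count
    return len(endpoint_bw)


# Constructed sample: seven relays (arbitrary bandwidth units), 80 units of endpoint load.
RELAYS = [100, 50, 20, 10, 10, 5, 5]
ENDPOINT_LOAD = 80

if __name__ == "__main__":
    for name, scheme in (("proportional", proportional), ("waterfilled", waterfilled)):
        weights = scheme(RELAYS, ENDPOINT_LOAD)
        print(name, [round(w, 2) for w in weights],
              "relays for 50% of endpoints:", relays_needed(weights, 0.5))
```

On this sample the single largest relay already covers half of the endpoint selections under the proportional baseline, while the waterfilled allocation requires three relays for the same share.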