Skip to main content

Counter-RAPTOR: Safeguarding Tor Against Active Routing Attacks

Author(s): Sun, Y; Edmundson, A; Feamster, Nick; Chiang, M; Mittal, Prateek

Download
To refer to this page use: http://arks.princeton.edu/ark:/88435/pr17v63
Full metadata record
DC FieldValueLanguage
dc.contributor.authorSun, Y-
dc.contributor.authorEdmundson, A-
dc.contributor.authorFeamster, Nick-
dc.contributor.authorChiang, M-
dc.contributor.authorMittal, Prateek-
dc.date.accessioned2021-10-08T19:44:08Z-
dc.date.available2021-10-08T19:44:08Z-
dc.date.issued2017-06-26en_US
dc.identifier.citationSun, Y, Edmundson, A, Feamster, N, Chiang, M, Mittal, P. (2017). Counter-RAPTOR: Safeguarding Tor Against Active Routing Attacks. 977 - 992. doi:10.1109/SP.2017.34en_US
dc.identifier.urihttp://arks.princeton.edu/ark:/88435/pr17v63-
dc.description.abstractTor is vulnerable to network-level adversaries who can observe both ends of the communication to deanonymize users. Recent work has shown that Tor is susceptible to the previously unknown active BGP routing attacks, called RAPTOR attacks, which expose Tor users to more network-level adversaries. In this paper, we aim to mitigate and detect such active routing attacks against Tor. First, we present a new measurement study on the resilience of the Tor network to active BGP prefix attacks. We show that ASes with high Tor bandwidth can be less resilient to attacks than other ASes. Second, we present a new Tor guard relay selection algorithm that incorporates resilience of relays into consideration to proactively mitigate such attacks. We show that the algorithm successfully improves the security for Tor clients by up to 36% on average (up to 166% for certain clients). Finally, we build a live BGP monitoring system that can detect routing anomalies on the Tor network in real time by performing an AS origin check and novel detection analytics. Our monitoring system successfully detects simulated attacks that are modeled after multiple known attack types as well as a real-world hijack attack (performed by us), while having low false positive rates.en_US
dc.format.extent977 - 992en_US
dc.language.isoen_USen_US
dc.relation.ispartof2017 IEEE Symposium on Security and Privacy, SP 2017en_US
dc.rightsAuthor's manuscripten_US
dc.titleCounter-RAPTOR: Safeguarding Tor Against Active Routing Attacksen_US
dc.typeConference Articleen_US
dc.identifier.doidoi:10.1109/SP.2017.34-
dc.date.eissued2017-06-26en_US
pu.type.symplectichttp://www.symplectic.co.uk/publications/atom-terms/1.0/conference-proceedingen_US

Files in This Item:
File Description SizeFormat 
Counter RAPTOR Safeguarding Tor Against Active Routing Attacks.pdf1.3 MBAdobe PDFView/Download


Items in OAR@Princeton are protected by copyright, with all rights reserved, unless otherwise indicated.