Digging into anonymous traffic: A deep analysis of the Tor anonymizing network

A. Chaabane 1 P. Manils Mohamed Ali Kaafar 1, *
* Auteur correspondant
1 PLANETE - Protocols and applications for the Internet
Inria Grenoble - Rhône-Alpes, CRISAM - Inria Sophia Antipolis - Méditerranée
Abstract : Users' anonymity and privacy are among the major concerns of today's Internet. Anonymizing networks are then poised to become an important service to support anonymous-driven Internet communications and consequently enhance users' privacy protection. Indeed, Tor an example of anonymizing networks based on onion routing concept attracts more and more volunteers, and is now popular among dozens of thousands of Internet users. Surprisingly, very few researches shed light on such an anonymizing network. Beyond providing global statistics on the typical usage of Tor in the wild, we show that Tor is actually being mis-used, as most of the observed traffic belongs to P2P applications. In particular, we quantify the BitTorrent traffic and show that the load of the latter on the Tor network is underestimated because of encrypted BitTorrent traffic (that can go unnoticed). Furthermore, this paper provides a deep analysis of both the HTTP and BitTorrent protocols giving a complete overview of their usage. We do not only report such usage in terms of traffic size and number of connections but also depict how users behave on top of Tor. We also show that Tor usage is now diverted from the onion routing concept and that Tor exit nodes are frequently used as 1-hop SOCKS proxies, through a so-called tunneling technique. We provide an efficient method allowing an exit node to detect such an abnormal usage. Finally, we report our experience in effectively crawling bridge nodes, supposedly revealed sparingly in Tor.
Type de document :
Communication dans un congrès
Network and System Security (NSS), 2010 4th International Conference on, Sep 2010, Melbourne, Australia. pp.167--174, 2010, 〈10.1109/NSS.2010.47〉
Liste complète des métadonnées

https://hal.inria.fr/hal-00748233
Contributeur : Mohamed Ali Kaafar <>
Soumis le : lundi 5 novembre 2012 - 10:59:10
Dernière modification le : jeudi 11 janvier 2018 - 16:21:52

Identifiants

Collections

Citation

A. Chaabane, P. Manils, Mohamed Ali Kaafar. Digging into anonymous traffic: A deep analysis of the Tor anonymizing network. Network and System Security (NSS), 2010 4th International Conference on, Sep 2010, Melbourne, Australia. pp.167--174, 2010, 〈10.1109/NSS.2010.47〉. 〈hal-00748233〉

Partager

Métriques

Consultations de la notice

136