Skip to Main content Skip to Navigation
Conference papers

Digging into anonymous traffic: A deep analysis of the Tor anonymizing network

Abdelberi Chaabane 1 P. Manils 1 Mohamed Ali Kaafar 1, *
* Corresponding author
1 PLANETE - Protocols and applications for the Internet
Inria Grenoble - Rhône-Alpes, CRISAM - Inria Sophia Antipolis - Méditerranée
Abstract : Users' anonymity and privacy are among the major concerns of today's Internet. Anonymizing networks are then poised to become an important service to support anonymous-driven Internet communications and consequently enhance users' privacy protection. Indeed, Tor an example of anonymizing networks based on onion routing concept attracts more and more volunteers, and is now popular among dozens of thousands of Internet users. Surprisingly, very few researches shed light on such an anonymizing network. Beyond providing global statistics on the typical usage of Tor in the wild, we show that Tor is actually being mis-used, as most of the observed traffic belongs to P2P applications. In particular, we quantify the BitTorrent traffic and show that the load of the latter on the Tor network is underestimated because of encrypted BitTorrent traffic (that can go unnoticed). Furthermore, this paper provides a deep analysis of both the HTTP and BitTorrent protocols giving a complete overview of their usage. We do not only report such usage in terms of traffic size and number of connections but also depict how users behave on top of Tor. We also show that Tor usage is now diverted from the onion routing concept and that Tor exit nodes are frequently used as 1-hop SOCKS proxies, through a so-called tunneling technique. We provide an efficient method allowing an exit node to detect such an abnormal usage. Finally, we report our experience in effectively crawling bridge nodes, supposedly revealed sparingly in Tor.
Document type :
Conference papers
Complete list of metadatas
Contributor : Mohamed Ali Kaafar <>
Submitted on : Monday, November 5, 2012 - 10:59:10 AM
Last modification on : Friday, April 27, 2018 - 10:04:53 AM

Links full text




Abdelberi Chaabane, P. Manils, Mohamed Ali Kaafar. Digging into anonymous traffic: A deep analysis of the Tor anonymizing network. Network and System Security (NSS), 2010 4th International Conference on, Sep 2010, Melbourne, Australia. pp.167--174, ⟨10.1109/NSS.2010.47⟩. ⟨hal-00748233⟩



Record views