towards predicting efficient and anonymous tor circuits
TRANSCRIPT
![Page 1: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/1.jpg)
Towards Predicting Efficient and Anonymous Tor Circuits
Armon Barton1, Mohsen Imani1, Jiang Ming1, and Matthew Wright2
[1] University of Texas at Arlington, [2] Rochester Institute of Technology
![Page 2: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/2.jpg)
Anonymity with Tor
● Millions of users● 7,000 + Tor relays
Tor Network
Guard
Exit
Middle
1
![Page 3: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/3.jpg)
Anonymity with Tor
● Millions of users● 7,000 + Tor relays
Tor Network
Guard
Exit
Middle
2
![Page 4: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/4.jpg)
Anonymity with Tor
Tor Network
Guard
Exit
Middle
3
![Page 5: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/5.jpg)
Latency in Tor
guard
exit
middleserver
4
![Page 6: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/6.jpg)
Tor Congestion
5
![Page 7: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/7.jpg)
Path Selection Algorithms● Bandwidth Weighted Selection● Snader and Borisov Selection● Congestion Aware Routing
6
![Page 8: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/8.jpg)
Bandwidth Weighted Path Selection
BW BW BWBW BW BW
7
![Page 9: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/9.jpg)
Tor Congestion
BW
8
![Page 10: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/10.jpg)
Snader and Borisov
BW BW BW
BW BW BWSB-9
SB-0
SB-15
9
![Page 11: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/11.jpg)
Tor Congestion
BW
10
![Page 12: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/12.jpg)
Snader and Borisov
BW BW BWSB-9
SB-0
BW BW BWSB-15
11
![Page 13: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/13.jpg)
Congestion Aware Routing
RTT
RTT
RTT
RTT
12
![Page 14: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/14.jpg)
Predic13
![Page 15: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/15.jpg)
1.2s
0.8s
1.5s
PredicTorTor Network
Trusted Authority
Consensus
k-NNRandom Forests
Clients
14
![Page 16: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/16.jpg)
Feature Extraction
BW BW BWAS AS AS
True
False
Training LabelTraining Features
Guard Middle Exit
15
![Page 17: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/17.jpg)
Evaluating AccuracyShadow Simulation
● 1000 clients, 400 relays, 70 servers● 320 KiB● Training set: 120,000 streams● Test set: 25,000 streams
Live Tor
● Server hosting 20 instances of Tor
● 80 KiB from a US server● Training set: 50,000 streams● Test set: 20,000 streams
16
![Page 18: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/18.jpg)
Evaluating Accuracy
Model Shadow Live Tor
k-NN 70% 64%
Random Forests 76% 70%
17
![Page 19: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/19.jpg)
PredicTor EvaluationImplemented PredicTor in the Tor source code
● Tested on Shadow and Live Tor● Compared with
○ BW (Vanilla)○ Congestion Aware Routing (CAR)○ Snader and Borisov (SB) - 9○ SB-15
18
![Page 20: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/20.jpg)
Shadow ExperimentPredicTor Improved Performance
● 23% compared to Vanilla● 13% compared to CAR● Speed up over 500ms in the med.● Over 1.5s in the 90th.● SB-9 and SB-15 performed the
slowest.
19
![Page 21: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/21.jpg)
Live Tor ExperimentPredicTor Improved Performance
● 11% compared to Vanilla● 6% compared to CAR● Over 1.0s in the 90th.● SB-9 and SB-15 performed the
slowest.
20
![Page 22: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/22.jpg)
Live Tor ExperimentCircuit Bandwidth
● SB-9○ 22% BW compared to Vanilla
● SB-15○ 97% BW compared to Vanilla
● Indicates ○ relays experience persistent congestion.○ performance gains in PredicTor are not
solely attributed to BW.
21
![Page 23: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/23.jpg)
Key FindingsShadow Simulation
● Relay Utilization○ SB-9, SB-15 utilized 50%○ Vanilla utilized 65%○ PredicTor utilized 85%
22
![Page 24: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/24.jpg)
Key FindingsLive Tor Experiment
● Circuit Length○ 680 km shorter compared
to vanilla.
23
![Page 25: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/25.jpg)
PredicTor Performance Gains● Avoiding nodes with persistent congestion.● Better relay utilization.● Builds circuits of shorter geographic distance.
24
![Page 26: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/26.jpg)
Security Evaluation● Entropy based metrics● All-or-nothing compromise ● AnoA Framework
25
![Page 27: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/27.jpg)
Client AS Inference (CLASI)
AdversaryChallenger PS
PS
P’ ←PSP’
L’ ← Predict(P’)L’
Compare(L,L’) 26
![Page 28: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/28.jpg)
Feature Extraction
BW BW BWAS AS AS
Training LabelTraining Features
Guard Middle Exit
Destination
AS
AS
Client
27
![Page 29: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/29.jpg)
Client AS Inference (CLASI)
28
![Page 30: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/30.jpg)
PredicTor Security Evaluation CLASI
29
![Page 31: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/31.jpg)
PredicTor Security EvaluationUniformity Degree
Algorithm Uniformity Degree
Vanilla .84
CAR .83
PredicTor .79
30
![Page 32: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/32.jpg)
ConclusionPredicTor performance gains
● Avoiding congestion● Load distribution● Shorter circuits
PredicTor security evaluation
● PredicTor had Similar sender AS leakage compared to Vanilla● Lower AS leakage compared to CAR
Conclude: PredicTor had the best security / performance trade-off compared to both Vanilla and CAR. 31
![Page 33: Towards Predicting Efficient and Anonymous Tor Circuits](https://reader034.vdocuments.site/reader034/viewer/2022042718/62678481fc886c55703add13/html5/thumbnails/33.jpg)
Questions?
32