Memory-based DoS and Deanonymization Attacks on Tor · Memory-based DoS and Deanonymization Attacks...

Memory-based DoS and Deanonymization Attacks on Tor

DCAPS Seminar October 11th, 2013

Rob Jansen U.S. Naval Research Laboratory [email protected]

*Joint with Aaron Johnson, Florian Tschorsch, Björn Scheuermann

The Tor Anonymity Network

torproject.org

How Tor Works

How Tor Works

Tor protocol aware

Tor Flow Control

exit entry

Tor Flow Control

One TCP Connection Between Each Relay,

Multiple Circuits

exit entry

Tor Flow Control

One TCP Connection Between Each Relay,

Multiple Circuits

Multiple Application Streams

exit entry

Tor Flow Control

No end-to-end TCP!

exit entry

Tor Flow Control

Tor protocol aware

exit entry

Tor Flow Control

Packaging End

Delivery End

exit entry

Tor Flow Control

1000 Cell Limit

SENDME Signal Every 100 Cells

exit entry

Outline

●  The Sniper Attack –  Low-cost memory consumption attack that disables

arbitrary Tor relays

●  Deanonymizing Hidden Services –  Using DoS attacks for deanonymization

●  Countermeasures

The Sniper Attack

Start Download

Request

exit entry

The Sniper Attack

Reply

DATA exit entry

The Sniper Attack Package and Relay DATA

DATA

DATA exit entry

The Sniper Attack

DATA

DATA

Stop Reading from Connection

DATA

Rexit entry

The Sniper Attack

DATA DATA DATA DATA DATA DATA

Rexit entry

Flow Window Closed

The Sniper Attack

DATA

Periodically Send SENDME SENDME

R

DATA DATA DATA DATA DATA

exit entry

The Sniper Attack

DATA

DATA


Periodically Send SENDME SENDME

R


exit entry

Flow Window Opened

The Sniper Attack

DATA

DATA


R


exit entry

DATA DATA DATA DATA DATA DATA DATA DATA DATA DATA

Out of Memory, Killed by OS

The Sniper Attack

DATA

DATA


R


exit entry

DATA DATA DATA DATA DATA DATA DATA DATA DATA DATA

Use Tor to Hide

Memory Consumed over Time

0.0 0.2 0.4 0.6 0.8 1.0Time (m)

0.0

0.2

0.4

0.6

0.8

1.0R

AM

Con

sum

ed(M

iB)

20 25 30 35 40 45 50 55 600

5001000150020002500

anonymous

0500

1000150020002500

direct

10 teams100 circs5 teams50 circs1 team10 circs1 team5 circsno attack

Mean RAM Consumed, 50 Relays

0 500 1000 1500 2000 2500Mean Target RAM Consumption Rate (KiB/s)

0.0

0.2

0.4

0.6

0.8

1.0C

umul

ativ

eFr

actio

n

directanonymous

Mean BW Consumed, 50 Relays

0 20 40 60 80 100Mean Sniper BW Consumption Rates (KiB/s)

0.0

0.2

0.4

0.6

0.8

1.0C

umul

ativ

eFr

actio

n

direct Txanonymous Txdirect Rxanonymous Rx

Speed of Sniper Attack Direct Anonymous

Relay Groups Select % 1 GiB 8 GiB 1 GiB 8 GiB Top Guard 1.7 Top 5 Guards 6.5 Top 20 Guards 19 Top Exit 3.2 Top 5 Exits 13 Top 20 Exits 35

Path Selection Probability ≈ Network Capacity

Speed of Sniper Attack Direct Anonymous

Relay Groups Select % 1 GiB 8 GiB 1 GiB 8 GiB Top Guard 1.7 0:01 0:18 0:02 0:14 Top 5 Guards 6.5 0:08 1:03 0:12 1:37 Top 20 Guards 19 0:45 5:58 1:07 8:56 Top Exit 3.2 0:01 0:08 0:01 0:12 Top 5 Exits 13 0:05 0:37 0:07 0:57 Top 20 Exits 35 0:29 3:50 0:44 5:52

Time (hours:minutes) to Consume RAM

Outline





Hidden Services

HS

User wants to hide service

Hidden Services

entry IP

HS chooses and publishes

introduction point IP

HS

Hidden Services

entry IP

HS

Learns about HS on web

entry

Hidden Services

entry IP

HS

Builds Circuit to Chosen Rendezvous

Point RP

RP

entry

Hidden Services

entry IP

HS

Notifies HS of RP through IP

RP

entry

RP

entry

Hidden Services

entry IP

HS

RP

RP

entry

Hidden Services

entry IP

HS

Build New Circuit to

RP

RP

entry

RP

entry

Hidden Services

entry IP

HS

Communicate!

RP

entry

RP

entry

Deanonymizing Hidden Services

HS

RP

entry


HS

RP

Also runs a guard

relay

entry


entry

HS

RP

RP

Build New Circuit to

RP

entry


entry

HS

RP

RP S&P 2006, S&P 2013

entry


entry

HS

RP

RP S&P 2013

PADDING

Send 50 Padding

Cells

entry


entry

HS

RP

RP

Identify HS entry if cell count = 52

S&P 2013

entry


entry

HS

RP

Sniper Attack, or any other DoS

entry


HS

RP

Choose new Entry Guard

entry


HS

RP

RP

entry


HS

RP

RP S&P 2006, S&P 2013

entry


HS

RP

RP

Send 50 Padding

Cells

S&P 2013

PADDING

entry


HS

RP

RP

Identify HS if cell count = 53

S&P 2013

Outline





Countermeasures

●  Sniper Attack Defenses –  Authenticated SENDMEs –  Queue Length Limit –  Adaptive Circuit Killer

●  Deanonymization Defenses –  Entry-guard Rate-limiting –  Middle Guards

Questions?

cs.umn.edu/~jansen [email protected]

think like an adversary

Speed of Deanonymization

Guard BW (MiB/s)

Guard Probability

(%)

Average # Rounds

Average # Sniped

Average Time (h)

1 GiB

Average Time (h)

8 GiB 8.41 0.48 66 133 46 279

16.65 0.97 39 79 23 149 31.65 1.9 24 48 13 84 66.04 3.8 13 26 6 44 96.61 5.4 9 19 5 31

1 GiB/s Relay Can Deanonymize HS in

about a day

Circuit Killer Defense

20 25 30 35 40 45 50 55 60Time (m)

0

500

1000

1500

2000

2500R

AM

Con

sum

ed(M

iB) direct, no defense

anon, no defensedirect, MaxQMem=500anon, MaxQMem=250no attack

The Sniper Attack

exit entry

exit entry

Single Adversary

The Sniper Attack

exit entry

exit entry

Anonymous Tunnel

The Sniper Attack

exit entry

exit entry

The Sniper Attack

exit entry

exit entry

DATA DATA DATA

DATA

The Sniper Attack

exit entry

exit entry

DATA DATA DATA

DATA

R

The Sniper Attack

exit entry

exit entry

DATA DATA DATA

R

Flow Window Closed

The Sniper Attack

exit entry

exit entry

DATA DATA DATA

R

R

The Sniper Attack

exit entry

exit entry

DATA DATA

R

R

DATA DATA DATA DATA

The Sniper Attack

exit entry

exit entry

DATA DATA

R

R

DATA DATA DATA

Killed by OS

DATA

Memory-based DoS and Deanonymization Attacks on Tor · Memory-based DoS and Deanonymization Attacks...

Documents

Transcript of Memory-based DoS and Deanonymization Attacks on Tor · Memory-based DoS and Deanonymization Attacks...