Memory-based DoS and Deanonymization Attacks on Tor
DCAPS Seminar October 11th, 2013
Rob Jansen U.S. Naval Research Laboratory [email protected]
*Joint with Aaron Johnson, Florian Tschorsch, Björn Scheuermann
The Tor Anonymity Network
torproject.org
How Tor Works
Tor protocol aware
Tor Flow Control
(Diagram: a circuit from the client through the entry relay to the exit relay; only the slide labels below are recoverable)
One TCP Connection Between Each Relay, Multiple Circuits, Multiple Application Streams
No end-to-end TCP! Tor is protocol aware
Packaging End and Delivery End
1000 Cell Limit, SENDME Signal Every 100 Cells
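The flow-control exchange above, worked as an added example (my code, not from the talk and not from Tor): a packaging end with the 1000-cell window and a delivery end that returns a SENDME after every 100 cells. The `authenticated` flag adds the check behind the "Authenticated SENDMEs" countermeasure listed later in the talk, in a simplified form I assume here: a SENDME carries a digest of the cell that completed the increment, so a delivery end that never read its cells cannot re-open the window. The class names, the digest scheme and the sample cell payloads are my own; this is not Tor's wire format.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

# Window constants from the talk: a 1000-cell circuit window, and a SENDME
# from the delivery end after every 100 cells delivered.
CIRCUIT_WINDOW = 1000
SENDME_INCREMENT = 100


def cell_digest(payload: bytes) -> bytes:
    # Assumption for this model: a SENDME proves receipt by carrying a
    # SHA-256 digest of the cell that completed the 100-cell increment.
    # This is an illustration, not Tor's wire format.
    return hashlib.sha256(payload).digest()


@dataclass
class PackagingEnd:
    """The end that packages DATA into cells (the exit, for a download)."""
    authenticated: bool = True           # False models the weak, unauthenticated SENDME
    window: int = CIRCUIT_WINDOW
    sent: int = 0
    rejected: int = 0
    # digest of every 100th cell sent, keyed by that cell's sequence number
    expected: Dict[int, bytes] = field(default_factory=dict)

    def next_cell(self) -> Optional[bytes]:
        if self.window == 0:
            return None                  # flow window closed: stop packaging
        self.sent += 1
        self.window -= 1
        payload = f"DATA cell {self.sent}".encode()   # constructed sample cell
        if self.sent % SENDME_INCREMENT == 0:
            self.expected[self.sent] = cell_digest(payload)
        return payload

    def on_sendme(self, seq: int, digest: bytes) -> bool:
        if self.authenticated and self.expected.get(seq) != digest:
            self.rejected += 1           # no proof of receipt: window stays closed
            return False
        self.expected.pop(seq, None)
        self.window = min(CIRCUIT_WINDOW, self.window + SENDME_INCREMENT)
        return True


@dataclass
class DeliveryEnd:
    """The end that consumes cells (the client). reads=False models a client
    that leaves its cells unread in the relay's queue."""
    reads: bool = True
    received: int = 0

    def on_cell(self, payload: bytes) -> Optional[Tuple[int, bytes]]:
        if not self.reads:
            return None                  # the cell is never read, so no proof exists
        self.received += 1
        if self.received % SENDME_INCREMENT == 0:
            return (self.received, cell_digest(payload))
        return None


def simulate(reads: bool, authenticated: bool = True, total_cells: int = 2500) -> dict:
    """Drive a download of total_cells cells and report how many cells the
    packaging end actually sent and how many SENDMEs it rejected."""
    pe = PackagingEnd(authenticated=authenticated)
    de = DeliveryEnd(reads=reads)
    while pe.sent < total_cells:
        cell = pe.next_cell()
        if cell is None:
            break                        # window closed and no valid SENDME re-opened it
        ack = de.on_cell(cell)
        if ack is None and not reads and pe.sent % SENDME_INCREMENT == 0:
            # a delivery end that did not read the cells can only guess the digest
            ack = (pe.sent, bytes(32))
        if ack is not None:
            pe.on_sendme(*ack)
    return {"sent": pe.sent, "rejected": pe.rejected}


if __name__ == "__main__":
    print("honest client:              ", simulate(reads=True))
    print("unread cells, auth SENDME:  ", simulate(reads=False))
    print("unread cells, plain SENDME: ", simulate(reads=False, authenticated=False))
```

With plain SENDMEs the packaging end keeps sending as long as acknowledgements arrive, whether or not the delivery end read anything; with the authenticated check the window closes after exactly one 1000-cell window when the delivery end cannot prove receipt, which bounds what can pile up in the relay queue to a single window per circuit.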
Outline
● The Sniper Attack – Low-cost memory consumption attack that disables arbitrary Tor relays
● Deanonymizing Hidden Services – Using DoS attacks for deanonymization
● Countermeasures
The Sniper Attack
(Diagram: the client's circuit through the entry and exit relays; only the slide labels below are recoverable)
Start Download: Request
Reply: DATA
Package and Relay DATA
Stop Reading from Connection
Flow Window Closed
Periodically Send SENDME
Flow Window Opened
(Diagram: DATA cells accumulating at the relay)
Out of Memory, Killed by OS
Use Tor to Hide
Memory Consumed over Time
(Plot: RAM Consumed (MiB) vs. Time (m), panels "direct" and "anonymous"; series: 10 teams 100 circs, 5 teams 50 circs, 1 team 10 circs, 1 team 5 circs, no attack)
Mean RAM Consumed, 50 Relays
(CDF: Cumulative Fraction vs. Mean Target RAM Consumption Rate (KiB/s); series: direct, anonymous)
Mean BW Consumed, 50 Relays
(CDF: Cumulative Fraction vs. Mean Sniper BW Consumption Rates (KiB/s); series: direct Tx, anonymous Tx, direct Rx, anonymous Rx)
Speed of Sniper Attack
Path Selection Probability ≈ Network Capacity

Time (hours:minutes) to Consume RAM
                                Direct           Anonymous
Relay Groups     Select %    1 GiB   8 GiB     1 GiB   8 GiB
Top Guard           1.7      0:01    0:18      0:02    0:14
Top 5 Guards        6.5      0:08    1:03      0:12    1:37
Top 20 Guards      19        0:45    5:58      1:07    8:56
Top Exit            3.2      0:01    0:08      0:01    0:12
Top 5 Exits        13        0:05    0:37      0:07    0:57
Top 20 Exits       35        0:29    3:50      0:44    5:52
Hidden Services
(Diagram: HS, its entry guard, introduction point IP, the client, the client's entry guard, rendezvous point RP)
User wants to hide service
HS chooses and publishes introduction point IP
Client learns about HS on web
Client builds circuit to chosen Rendezvous Point RP
Client notifies HS of RP through IP
HS builds new circuit to RP
Communicate!
Deanonymizing Hidden Services
(Diagram: HS, its entry guard, and RP; the adversary runs the RP)
Adversary also runs a guard relay
HS builds new circuit to RP (S&P 2006, S&P 2013)
RP sends 50 padding cells (S&P 2013)
Identify HS entry if cell count = 52 (S&P 2013)
Sniper Attack, or any other DoS, on the HS entry
HS chooses new entry guard
HS builds new circuit to RP (S&P 2006, S&P 2013)
RP sends 50 padding cells (S&P 2013)
Identify HS if cell count = 53 (S&P 2013)
Countermeasures
● Sniper Attack Defenses
  – Authenticated SENDMEs
  – Queue Length Limit
  – Adaptive Circuit Killer
● Deanonymization Defenses
  – Entry-guard Rate-limiting
  – Middle Guards
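The circuit-killer defense above, as an added example (my code, not the talk's and not Tor's): a relay model with one outbound queue per circuit, a total queue-memory limit named after the figure's MaxQMem label, and a kill policy I assume for the model: when the limit is exceeded, the circuit holding the oldest queued cell is torn down. An honest circuit is read every tick, so its oldest cell is always recent, while a circuit nobody reads keeps the oldest cell and is the one killed. Circuit ids, tick counts and the 100-cell limit are constructed; the 512-byte cell size is Tor's.

```python
from collections import deque
from dataclasses import dataclass, field
from typing import Deque, Dict, List, Optional

CELL_BYTES = 512   # size of a Tor cell


@dataclass
class Circuit:
    cid: int
    drains: bool                                        # does its delivery end read cells each tick?
    queue: Deque[int] = field(default_factory=deque)    # arrival tick of each queued cell
    killed: bool = False


@dataclass
class Relay:
    """A relay holding one outbound queue per circuit. max_queue_bytes is the
    total memory the circuit killer allows across all queues (the figure's
    MaxQMem label); None disables the defense."""
    max_queue_bytes: Optional[int]
    circuits: Dict[int, Circuit]
    killed: List[int] = field(default_factory=list)

    def queued_bytes(self) -> int:
        return CELL_BYTES * sum(len(c.queue) for c in self.circuits.values())

    def enqueue(self, cid: int, tick: int) -> None:
        c = self.circuits[cid]
        if c.killed:
            return                       # a killed circuit carries no more cells
        c.queue.append(tick)
        if self.max_queue_bytes is not None:
            self.handle_oom()

    def handle_oom(self) -> None:
        # Assumption for this model: while the limit is exceeded, kill the
        # circuit holding the oldest queued cell and free its queue.
        while self.queued_bytes() > self.max_queue_bytes:
            victim = min((c for c in self.circuits.values() if c.queue),
                         key=lambda c: c.queue[0])
            victim.killed = True
            victim.queue.clear()
            self.killed.append(victim.cid)

    def deliver(self) -> None:
        # Honest delivery ends read one cell per tick; the unread circuit keeps its cells.
        for c in self.circuits.values():
            if c.drains and c.queue:
                c.queue.popleft()


def simulate(max_queue_bytes: Optional[int], honest: int = 3, ticks: int = 1000) -> dict:
    """Circuit 0 is never read by its delivery end; circuits 1..honest are.
    Each tick the packaging ends send one cell per circuit (the window never
    closes, as with unauthenticated SENDMEs), then honest clients read one."""
    circuits = {0: Circuit(0, drains=False)}
    circuits.update({i: Circuit(i, drains=True) for i in range(1, honest + 1)})
    relay = Relay(max_queue_bytes, circuits)
    peak = 0
    for tick in range(1, ticks + 1):
        for cid in circuits:
            relay.enqueue(cid, tick)
        relay.deliver()
        peak = max(peak, relay.queued_bytes())
    return {
        "peak_bytes": peak,
        "killed": relay.killed,
        "honest_alive": sum(1 for c in circuits.values() if c.drains and not c.killed),
    }


if __name__ == "__main__":
    print("no defense:        ", simulate(None))
    print("MaxQMem = 100 cells:", simulate(100 * CELL_BYTES))
```

Without the defense the unread circuit's queue grows by one cell per tick until the simulated RAM is exhausted; with the limit in place the peak stays at or below the configured bound, only the unread circuit is killed, and every honest circuit survives. A per-circuit queue length limit (the other sniper defense listed above) would bound the same quantity per circuit instead of in total.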
Speed of Deanonymization
Guard BW (MiB/s)   Guard Probability (%)   Average # Rounds   Average # Sniped   Average Time (h), 1 GiB   Average Time (h), 8 GiB
 8.41               0.48                    66                 133                 46                        279
16.65               0.97                    39                  79                 23                        149
31.65               1.9                     24                  48                 13                         84
66.04               3.8                     13                  26                  6                         44
96.61               5.4                      9                  19                  5                         31
1 GiB/s Relay Can Deanonymize HS in about a day
Circuit Killer Defense
(Plot: RAM Consumed (MiB) vs. Time (m); series: direct, no defense; anon, no defense; direct, MaxQMem=500; anon, MaxQMem=250; no attack)
The Sniper Attack
(Diagram: two circuits through entry and exit relays; only the slide labels below are recoverable)
Single Adversary
Anonymous Tunnel
(Diagram: DATA cells accumulating at the relay)
Flow Window Closed
Killed by OS