Date of Award

5-2018

Degree Type

Thesis

Degree Name

Master of Science

Major

Computer Science

Major Professor

Maxfield J. Schuchard

Committee Members

Mark E. Dean, Audris Mockus

Abstract

This work evaluates Tor users' risk of de-anonymization in the presence of a network-level adversary. We evaluate the likelihood that a Tor user, who is consuming modern web content, will be susceptible to a traffic analysis or watermarking attack. This work shows that the previously studied point-to-point model for Tor connections is not realistic and does not fully capture the risk of de-anonymization for Tor users. We show these results by measuring network paths along key parts of a Tor circuit. First, we measure the paths between the Tor exit relays and web resources requested when accessing the Alexa Top 1000 websites. Then, we use available and trusted traceroute data to approximate paths between Tor users and likely guard nodes. Then, the intersection of these paths at an autonomous system level is examined to determine if they share any elements. If the intersection of the paths is non-empty, then a Tor user making a request with those paths is susceptible to de-anonymization.Results from weighted selection of Tor exit and guard relays indicate that a Tor user visiting a random Alexa Top 1000 website is susceptible to de-anonymization with 20% probability for almost half of the Alexa Top 1000. Multiple resources account for significant additional de-anonymization risk over the point-to-point model, and shorter network paths to content distribution nodes do not effectively compensate. Moreover, examining the intersection of paths to resources in the top-level domains of a website does not full eliminate the risk of de-anonymization under the AS-Aware Tor problem.

Comments

Additional measurements, analysis, and related works will be added to this document for submission into conference. Please look for a similar work by this author in conference proceedings in the near future.

Files over 3MB may be slow to open. For best results, right-click and select "save as..."

Share

COinS