A New Cell-Counting-Based Attack Against Tor

Abstract:

Various low-latency anonymous communication systems such as Tor and Anonymizer have been designed to provide anonymity service for users. In order to hide the communication of users, most of the anonymity systems pack the application data into equal-sized cells. Via extensive experiments on Tor, we found that the size of IP packets in the Tor network can be very dynamic because a cell is an application concept and the IP layer may repack cells. Based on this finding, we investigate a new cell-counting-based attack against Tor, which allows the attacker to confirm anonymous communication relationship among users very quickly. In this attack, by marginally varying the number of cells in the target traffic at the malicious exit onion router, the attacker can embed a secret signal into the variation of cell counter of the target traffic. The embedded signal will be carried along with the target traffic and arrive at the malicious entry onion router. Then, an accomplice of the attacker at the malicious entry onion router will detect the embedded signal based on the received cells and confirm the communication relationship among users. We have implemented this attack against Tor, and our experimental data validate its feasibility and effectiveness. There are several unique features of this attack. First, this attack is highly efficient and can confirm very short communication sessions with only tens of cells. Second, this attack is effective, and its detection rate approaches 100% with a very low false positive rate. Third, it is possible to implement the attack in a way that appears to be very difficult for honest participants to detect.

ARCHITECTURE:

EXISTING SYSTEM:

Most existing approaches are based on traffic analysis. Passive traffic analysis techniques record traffic passively and identify the correlation between a sender's outbound traffic and a receiver's inbound traffic based on statistical measures. This type of technique requires a relatively long period of traffic observation to reach a reasonable detection rate. Active traffic analysis, by contrast, deliberately introduces special signals into the sender's outbound traffic with the intention of recognizing the embedded signal in the receiver's inbound traffic.

Disadvantage:

Encryption does not work, since packet headers still reveal a great deal about users.

PROPOSED SYSTEM:

In this project, we focus on the active watermarking technique, which has been actively studied in the past few years. One prior approach is a flow-marking scheme based on the direct sequence spread spectrum (DSSS) technique, using a pseudo-noise (PN) code. By interfering with the rate of a suspect sender's traffic and marginally changing the traffic rate, the attacker can embed a secret spread-spectrum signal into the target traffic. The embedded signal is carried along with the target traffic from the sender to the receiver, so the investigator can recognize the corresponding communication relationship, tracing the messages despite the use of anonymous networks. However, in order to accurately confirm the anonymous communication relationship of users, the flow-marking scheme needs to embed a signal modulated by a relatively long PN code, and the signal is embedded into the traffic flow rate variation. Houmansadr et al. proposed a non-blind network flow watermarking scheme called RAINBOW for stepping-stone detection.

Advantage:

Active watermarking techniques can reduce the time an attack needs to last.

They improve the attack success rate and have recently received more attention.

MODULES:

  1. Data Transmission
  2. Components of Tor
  3. Cells at Onion Routers

Data Transmission:

In Tor, a client (onion proxy, OP) maintains connections to onion routers (ORs) on demand. The OP uses a form of source routing and chooses several ORs from the locally cached directory, downloaded from the directory caches. The number of selected ORs is referred to as the path length. We use the default path length of three as an example. The OP iteratively establishes circuits across the Tor network and negotiates a symmetric key with each OR, one hop at a time, and also handles the streams from client applications. The exit OR side of the circuit connects to the requested destinations and relays the data. We now illustrate the procedure by which the OP establishes a circuit and downloads a file from the server.

Components of Tor:

Onion routers are special proxies that relay the application data. In Tor, transport-layer security (TLS) connections are used for the overlay link encryption between two onion routers. The application data is packed into equal-sized cells. Directory servers hold onion router information such as public keys for onion routers. Directory authorities hold authoritative information on onion routers, and directory caches download directory information of onion routers from the authorities.

Cells at Onion Routers:

To begin with, the onion router receives the data from the connection on the given port A. After the data is processed by the TCP and TLS protocols, the data is delivered into the TLS buffer of the connection. When there is pending data in the buffer, the read event of this connection is called to read and process the data. The connection read event pulls the data from the TLS buffer into the connection input buffer. Each connection input buffer is implemented as a linked list of small chunks. Data is fetched from the head of the list and added to the tail. After the data in the TLS buffer is pulled into the connection input buffer, the connection read event processes the cells from the connection input buffer one by one.
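The chunked input buffer and one-cell-at-a-time processing described above, together with the abstract's observation that the IP layer may repack cells, can be simulated as follows. This is an added example, not code from the paper or from Tor itself; it assumes 512-byte fixed-size cells (the classic Tor cell size, which the page only calls "equal-sized"), a 256-byte chunk size, and constructed TLS read sizes standing in for the segments the IP layer delivers.

```python
from collections import deque

CELL_LEN = 512   # assumption: classic fixed-size Tor cell; the page only says "equal-sized"
CHUNK_LEN = 256  # assumption: size of the small chunks in the connection input buffer


class ConnInputBuffer:
    """Linked list of small chunks: bytes are appended at the tail, consumed from the head."""
    def __init__(self):
        self.chunks = deque()  # bytearrays of at most CHUNK_LEN bytes each
        self.length = 0

    def append(self, data: bytes) -> None:
        # Top up the tail chunk, then open new chunks for whatever is left.
        while data:
            if not self.chunks or len(self.chunks[-1]) >= CHUNK_LEN:
                self.chunks.append(bytearray())
            room = CHUNK_LEN - len(self.chunks[-1])
            self.chunks[-1].extend(data[:room])
            self.length += len(data[:room])
            data = data[room:]

    def pull(self, n: int) -> bytes:
        # Drain n bytes from the head of the list, dropping chunks as they empty.
        out = bytearray()
        while len(out) < n:
            head = self.chunks[0]
            take = min(n - len(out), len(head))
            out.extend(head[:take])
            del head[:take]
            if not head:
                self.chunks.popleft()
        self.length -= n
        return bytes(out)


def process_reads(reads):
    """Return how many whole cells are processed after each TLS read."""
    buf = ConnInputBuffer()
    cells_per_read = []
    for data in reads:
        buf.append(data)
        handled = 0
        while buf.length >= CELL_LEN:  # a partial cell waits for the next read
            buf.pull(CELL_LEN)         # one complete cell is processed here
            handled += 1
        cells_per_read.append(handled)
    return cells_per_read


# Constructed input: six 512-byte cells (3072 bytes) written one per cell by the peer,
# but delivered by the IP layer as segments of these sizes, so cells straddle packets.
SAMPLE_READS = [bytes(n) for n in (512, 1024, 300, 724, 512)]
```

Running `process_reads(SAMPLE_READS)` gives a different cell count for each read even though the sender emitted exactly one cell per write, which is the variability the abstract refers to.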

System Requirements:

Hardware Requirements:

System: Pentium IV 2.4 GHz.

Hard Disk: 40 GB.

Floppy Drive: 1.44 MB.

Monitor: 15" VGA Colour.

Mouse: Logitech.

RAM: 512 MB.

Software Requirements:

Operating System: Windows XP.

Coding Language: ASP.Net with C#

Database: SQL Server 2005

SYSTEM DESIGN

Data Flow Diagram / Use Case Diagram / Flow Diagram

The DFD is also called a bubble chart. It is a simple graphical formalism that can be used to represent a system in terms of the input data to the system, the various processing carried out on that data, and the output data generated by the system.

Dataflow Diagram:

Class Diagram:

Activity Diagram:

Sequence Diagram:

Use Case Diagram: