In association with heise online

27 February 2007, 21:26

Anonymous networks vulnerable to attacks with fake routing data


Scientists at the University of Colorado in Boulder have described a method to monitor traffic in anonymous networks such as Tor (The Onion Router) that is much easier than anyone had previously thought possible. Tor tries to protect its users against any attempt to analyze network traffic by threading connections through the distributed network of onion routers. This is meant to prevent connections between users and servers from being correlated. Anonymous networks are in principle vulnerable to a monitoring entity that controls a large number of endpoints, an internet service provider for example. Given that Tor is used throughout the world, any entity wanting to monitor it would hence need to control nodes on a worldwide scale, which to date has made eavesdropping on such a network to all intents and purposes impracticable.

In a report entitled "Low-Resource Routing Attacks Against Anonymous Systems", the scientists describe how traffic correlations can be established in Tor even without global control of the network. Their approach makes use of the way routing is tuned for maximum performance in networks such as Tor: the data on performance, bandwidth and other parameters sent by individual nodes are not checked by Tor. By inserting one's own nodes into Tor in a targeted fashion and having them send fake information, it is possible, for example, to draw more traffic, or more precisely more connections, to oneself, which will then be routed via one's own nodes. This is said to make it possible to monitor the entry and exit nodes of a route. The scientists say that in one of their laboratory experiments, involving 60 isolated Tor nodes, they were able to correlate more than 46 per cent of all paths in the network as a whole with only a handful of manipulated nodes. "This is in stark contrast to the 0.70 per cent of paths predicted by the previous analytical model," the scientists write.
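Why unchecked, self-reported bandwidth matters for path selection can be worked through exactly. The following is an added example, not code from the report or from Tor: it assumes a simplified model in which the entry and exit of a path are two distinct nodes drawn with probability proportional to a weight, and the node counts and bandwidth figures are constructed.

```python
from dataclasses import dataclass
from fractions import Fraction


@dataclass(frozen=True)
class Node:
    name: str
    claimed: int    # bandwidth the node reports about itself (unchecked)
    measured: int   # bandwidth an independent check would observe
    hostile: bool = False


def both_ends_hostile(nodes, weight):
    """Exact probability that entry and exit of one path are both hostile.

    Simplified model (assumption): entry and exit are two distinct nodes,
    each drawn with probability proportional to weight(node).
    """
    total = sum(weight(n) for n in nodes)
    p = Fraction(0)
    for entry in nodes:
        if not entry.hostile:
            continue
        for exit_ in nodes:
            if exit_ is entry or not exit_.hostile:
                continue
            p += (Fraction(weight(entry), total)
                  * Fraction(weight(exit_), total - weight(entry)))
    return p


def build_network():
    # Constructed sample: 60 honest nodes plus 6 low-capacity nodes
    # that advertise ten times the bandwidth of an honest node.
    honest = [Node(f"honest{i}", claimed=100, measured=100) for i in range(60)]
    hostile = [Node(f"hostile{i}", claimed=1000, measured=20, hostile=True)
               for i in range(6)]
    return honest + hostile


def compare():
    nodes = build_network()
    return {
        "uniform": both_ends_hostile(nodes, lambda n: 1),
        "claimed": both_ends_hostile(nodes, lambda n: n.claimed),
        "measured": both_ends_hostile(nodes, lambda n: n.measured),
    }


if __name__ == "__main__":
    for policy, p in compare().items():
        print(f"{policy:9s} {float(p):.4%}")
```

In this model, weighting by the claimed figure lets a small group of nodes sit at both ends of a large share of paths, while weighting by an independently measured figure pushes that share below the uniform baseline.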

In the opinion of the researchers their method will make it possible for investigating authorities such as the police to track online child molesters and/or collectors of child pornography cheaply. "The RIAA and other organizations might use our techniques to link web or torrent requests to their corresponding requesters," the scientists' report adds.


