Research Identifies Methods To Protect Online Privacy Attacks

Safeguarding Tor Against Active Routing Attacks.

Research Identifies Methods To Protect Online Privacy Attacks
Image Credit: Shutterstock

Various users are finding a new way of protecting online privacy. Although, the TOR is known for one of the effective methods. Tor is a software system millions of people use in order to protect online privacy attacks. But it also has some downsides.

Tor was designed in early 2000. It makes it more difficult to trace what people are doing online by routing their traffic through a series of “proxy” servers before it reaches its final destination. Thus, it was difficult to track Tor users as they were connected to a particular server first pass through intermediate Tor servers called relays.

In a recent study by the Princeton University, scientists identified different ways that the Tor network can be compromised. They also identified the ways to make Tor more resistant against those attacks.

Scientists primarily identified a method of attacking Tor called “RAPTOR” (short for Routing Attacks on Privacy in TOR). During this, scientists demonstrated methods under which adversaries could use attacks at the network level to identify Tor users.

Research Identifies Methods To Protect Online Privacy Attacks
A team of Princeton researchers has developed a method to detect and defend against attacks on the Tor system, which provides anonymity to internet users. Team members include, from left, Prateek Mittal, an assistant professor of electrical engineering; Anne Edmundson, a graduate student in computer science; Mung Chiang, the Arthur LeGrand Doty Professor of Electrical Engineering; Nick Feamster, a professor of computer science and deputy director of the Center for Information Technology Policy; and Yixin Sun, a graduate student in computer science. Credit: Sameer A. Khan/Fotobuddy

They discovered, the vulnerability actually comes from the big companies that control large parts of the internet and forward traffic through their systems.

In addition, scientists have built a network-monitoring system to check network traffic to uncover manipulation that could indicate attacks on Tor. The system was able to identify the attacks with very low false positive rates.

Yixin Sun, a graduate student in computer science said, “As the internet gets bigger and more dynamic, more organizations have the ability to observe users’ traffic. We wanted to understand possible ways that these organizations could identify users and provide Tor with ways to defend itself against these attacks as a way to help protect online privacy.”

Prateek Mittal, an assistant professor of electrical engineering said, “The idea was if there’s a network like AT&T or Verizon that can see user traffic coming into and coming out of the Tor network, then they can do statistical analysis on whose traffic it is. We started to think about the potential threats that were posed by these entities and the new attacks—the RAPTOR attacks—that these entities could use to gain visibility into Tor.”

Even if Tor users connected to proxy servers, their traffic patterns are different (both in terms of the size and sequence of data packets sent online). So, if an internet service provider found similar-looking traffic streams enter the Tor network and leaving the Tor network after being routed through proxy servers, the provider may be able to piece together the user’s identity.

Mittal said, “These types of attacks are important because there is a lot of interest in being able to break the anonymity Tor provides. There is a slide from an NSA (the U.S. National Security Agency) presentation that Edward Snowden leaked that outlines their attempts at breaking the privacy of the Tor network. The NSA wasn’t successful, but it shows that they tried. And that was the starting point for this project because when we looked at those documents we thought, with these types of capabilities, surely they can do better.”

Scientists even provide steps that Tor can take to better protect its users from RAPTOR-type attacks. They provide a way to measure internet service providers’ susceptibility to these attacks. Scientists then use those measurements to develop an algorithm that selects how a Tor user’s traffic will be routed through proxy servers depending on the servers’ vulnerability to attack. When they used this algorithm, they found that it reduced the risk of a successful network-level attack by 36 percent.

Roger Dingledine, president and research director of the Tor Project, “We could use that right now by implementing the proposed changes to how proxy servers are selected might be more complicated.”

Mittal said, “Making Tor more robust directly serves to strengthen individual liberty and freedom of expression in online communications.”