Skip navigation
Please use this identifier to cite or link to this item: http://arks.princeton.edu/ark:/88435/dsp01bv73c287d
Full metadata record
DC FieldValueLanguage
dc.contributor.advisorFeamster, Nick-
dc.contributor.authorMetzman, Jonathan-
dc.date.accessioned2016-06-30T16:05:36Z-
dc.date.available2016-06-30T16:05:36Z-
dc.date.created2016-04-29-
dc.date.issued2016-06-30-
dc.identifier.urihttp://arks.princeton.edu/ark:/88435/dsp01bv73c287d-
dc.description.abstractTor is a tool that is used by 2,000,000 users every day for anonymous internet activity like anonymous web browsing. But, Tor’s suitability for web browsing is not only a cause for its popularity it is also a cause of its biggest weakness. Because Tor is fast enough for web browsing, it is vulnerable to traffic correlation. Traffic correlation is an attack on anonymity where an attacker observing both ends of a victim’s Tor connection can determine that both of these ends are “correlated”, thus revealing who the victim is communicating with. This revelation makes the victim’s communication no longer anonymous. Past research has shown that Tor nodes, Autonomous Systems (AS), and Internet Exchange Points (IXPs) can perform correlation attacks. In this paper we introduce “Onion Spoofing” an attack that uses DNS spoofing to intercept and observe traffic sent out of Tor by exit nodes. We then describe our implementation of Onion Spoofing and how we used it to perform correlation attacks to deanonymize Tor users in experimental settings. After this description, we share measurements we took of the Tor Network. These show that 91% of Tor exits are vulnerable to Onion Spoofing. We also found that 31% of Tor connections at any given time vulnerable to Onion Spoofing by Google. After demonstrating that Onion Spoofing is a threat to anonymity, we suggest mitigations and make recommendations for future work to improve Onion Spoofing.en_US
dc.format.extent38 pages*
dc.language.isoen_USen_US
dc.titleOnion Spoofing: a Novel Technique for Observing Exit Node Traffic for Correlation Attacksen_US
dc.typePrinceton University Senior Theses-
pu.date.classyear2016en_US
pu.departmentComputer Scienceen_US
pu.pdf.coverpageSeniorThesisCoverPage-
Appears in Collections:Computer Science, 1988-2020

Files in This Item:
File SizeFormat 
Metzman_Jonathan_2016_Thesis.pdf696.9 kBAdobe PDF    Request a copy


Items in Dataspace are protected by copyright, with all rights reserved, unless otherwise indicated.