Title :
Fingerprinting Tor´s hidden service log files using a timing channel
Author :
Elices, Juan A. ; Perez-Gonzalez, Fernando ; Troncoso, Carmela
Author_Institution :
Electr. & Comput. Eng. Dept., Univ. of New Mexico, Albuquerque, NM, USA
fDate :
Nov. 29 2011-Dec. 2 2011
Abstract :
Hidden services are anonymously hosted services that can be accessed over Tor, an anonymity network. In this paper we present an attack that allows an entity to prove, once a machine suspect to host a hidden server has been confiscated, that such machine has in fact hosted a particular content. Our solution is based on leaving a timing channel fingerprint in the confiscated machine´s log file. In order to be able to fingerprint the log server through Tor we first study the noise sources: the delay introduced by Tor and the log entries due to other users. We then describe our fingerprint method, and analytically determine the detection probability and the rate of false positives. Finally, we empirically validate our results.
Keywords :
Internet; computer network security; Internet; Tor hidden service log file fingerprinting; anonymity network; anonymously hosted services; timing channel fingerprint; Educational institutions; Law enforcement;
Conference_Titel :
Information Forensics and Security (WIFS), 2011 IEEE International Workshop on
Conference_Location :
Iguacu Falls
Print_ISBN :
978-1-4577-1017-9
Electronic_ISBN :
978-1-4577-1018-6
DOI :
10.1109/WIFS.2011.6123154
