Dissecting Tor Bridges: a Security Evaluation of Their Private and Public Infrastructures

被引:2
|
作者
Matic, Srdjan [1 ,2 ]
Troncoso, Carmela [1 ]
Caballero, Juan [1 ]
机构
[1] IMDEA Software Inst, Madrid, Spain
[2] Univ Milan, Milan, Italy
关键词
D O I
10.14722/ndss.2017.23345
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Bridges are onion routers in the Tor Network whose IP addresses are not public. So far, no global security analysis of Tor bridges has been performed. Leveraging public data sources, and two known Tor issues, we perform the first systematic study on the security of the Tor bridges infrastructure. Our study covers both the public infrastructure available to all Tor users, and the previously unreported private infrastructure, comprising private nodes for the exclusive use of those who know their existence. Our analysis of the public infrastructure is twofold. First, we examine the security implications of the public data in the CollecTor service, identifying several pieces of data that may be detrimental for the security of bridges. Then, we measure security relevant properties of public bridges. Our results show that the 55% of public bridges that carry clients are vulnerable to aggressive blocking; that 90% of bridge clients use default bridges that are trivial to identify; that the concurrent deployment of Pluggable Transports in bridges reduces the security of the most secure transports; and that running non-Tor services in the same host as a bridge may harm its anonymity. To study the private infrastructure, we use an approach to discover 694 private bridges on the Internet and a novel technique to track bridges across IP changes. We are first to measure the size of the private bridge population (35% discovered bridges are private) and to report existence of infrastructures that use private proxies to forward traffic to backend bridges or relays. We use a novel clustering approach to analyze the different infrastructures using proxies and bridges, examining its hosting and security properties. We provide an extensive discussion on the security implications of our findings.
引用
收藏
页数:15
相关论文
共 50 条
  • [1] Integrated Security Management of Public and Private Sector for Critical Infrastructures - Problem Investigation
    Rehbohm, Thomas
    Sandkuhl, Kurt
    Cap, Clemens H.
    Kemmerich, Thomas
    [J]. BUSINESS INFORMATION SYSTEMS WORKSHOPS, BIS 2021, 2022, 444 : 291 - 303
  • [2] A policy-based methodology for security evaluation: A Security Metric for Public Key Infrastructures
    Casola, Valentina
    Mazzeo, Antonino
    Mazzocca, Nicola
    Vittorini, Valeria
    [J]. JOURNAL OF COMPUTER SECURITY, 2007, 15 (02) : 197 - 229
  • [3] Performance analysis in private and public Cloud infrastructures
    Mancas, Catalina
    [J]. 2019 18TH ROEDUNET CONFERENCE - NETWORKING IN EDUCATION AND RESEARCH (ROEDUNET), 2019,
  • [4] HESPERIA: homeland security technologies for the security in public spaces and infrastructures
    Garc, Carlos
    Hernandez, Yolanda
    Fernandez, Diego
    Ferrer, Miguel A.
    Travieso, Carlos M.
    Alonso, Jesus B.
    Quez, Patr Cia Henr
    [J]. 41ST ANNUAL IEEE INTERNATIONAL CARNAHAN CONFERENCE ON SECURITY TECHNOLOGY, PROCEEDINGS, 2007, : 221 - +
  • [5] Public Goods as Obligatory Bridges between the Public and the Private
    Kallhoff, Angela
    [J]. PHILOSOPHICAL PAPERS, 2021, 50 (03) : 387 - 405
  • [6] Public key infrastructures that satisfy security goals
    Polk, WT
    Hastings, NE
    Malpani, A
    [J]. IEEE INTERNET COMPUTING, 2003, 7 (04) : 60 - 67
  • [7] PRIVATE SECURITY AND PUBLIC SAFETY
    CLOTFELTER, CT
    [J]. JOURNAL OF URBAN ECONOMICS, 1978, 5 (03) : 388 - 402
  • [8] Private security and public policing
    Noaks, L
    [J]. JOURNAL OF LAW AND SOCIETY, 1999, 26 (02) : 264 - 267
  • [9] Private Security and Public Policing
    David S Wall
    [J]. Crime Prevention and Community Safety, 1999, 1 (4): : 63 - 65
  • [10] Private Security and Public Policing
    Deborah Michael
    [J]. Security Journal, 2000, 13 (2) : 69 - 70