http://iet.metastore.ingenta.com
1887

Empirical analysis of Tor Hidden Services

Empirical analysis of Tor Hidden Services

For access to this article, please select a purchase option:

Buy article PDF
£12.50
(plus tax if applicable)
Buy Knowledge Pack
10 articles for £75.00
(plus taxes if applicable)

IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.

Learn more about IET membership 

Recommend to library

You must fill out fields marked with: *

Librarian details
Name:*
Email:*
Your details
Name:*
Email:*
Department:*
Why are you recommending this title?
Select reason:
 
 
 
 
 
IET Information Security — Recommend this title to your library

Thank you

Your recommendation has been sent to your librarian.

Tor hidden services allow someone to host a website or other transmission control protocol (TCP) service whilst remaining anonymous to visitors. The collection of all Tor hidden services is often referred to as the ‘darknet’. In this study, the authors describe results from what they believe to be the largest study of Tor hidden services to date. By operating a large number of Tor servers for a period of 6 months, the authors were able to capture data from the Tor distributed hash table to collect the list of hidden services, classify their content and count the number of requests. Approximately 80,000 hidden services were observed in total of which around 45,000 are present at any one point in time. Abuse and Botnet C&C servers were the most frequently requested hidden services although there was a diverse range of services on offer.

References

    1. 1)
      • 1. Tor Project: ‘Metrics portal’, September 2014. Available at http://metrics.torproject.org.
        .
    2. 2)
      • P. Winter , S. Lindskog .
        2. Winter, P., Lindskog, S.: ‘How the great firewall of china is blocking tor’. Proc. of USENIX Workshop on Free and Open Communications on the Internet, 2012.
        . Proc. of USENIX Workshop on Free and Open Communications on the Internet
    3. 3)
      • T. Elahi , K. Bauer , M. AlSabah .
        3. Elahi, T., Bauer, K., AlSabah, M., et al: ‘Changing of the guards: a framework for understanding and improving entry guard selection in tor’. Proc. of the Workshop on Privacy in the Electronic Society, 2012.
        . Proc. of the Workshop on Privacy in the Electronic Society
    4. 4)
      • S.J. Murdoch , P. Zielínski .
        4. Murdoch, S.J., Zielínski, P.: ‘Sampled traffic analysis by Internet-exchange-level adversaries’. Proc. of the Seventh Workshop on Privacy Enhancing Technologies (PET 2007), 2007.
        . Proc. of the Seventh Workshop on Privacy Enhancing Technologies (PET 2007)
    5. 5)
    6. 6)
      • A. Chaabane , P. Manils , M.A. Kaafar .
        6. Chaabane, A., Manils, P., Kaafar, M.A.: ‘Digging into anonymous traffic: a deep analysis of the tor anonymizing network’. Proc. of the 4th Int. Conf. on Network and System Security (NSS), 2010.
        . Proc. of the 4th Int. Conf. on Network and System Security (NSS)
    7. 7)
      • D. McCoy , K. Bauer , D. Grunwalk .
        7. McCoy, D., Bauer, K., Grunwalk, D., et al: ‘Shining light in dark places: understanding the tor network’, Priv. Enhancing Technol., 2008, 5134, pp. 6376.
        . Priv. Enhancing Technol. , 63 - 76
    8. 8)
      • Z. Ling , J. Luo , K. Wu .
        8. Ling, Z., Luo, J., Wu, K., et al: ‘Torward: discovery of malicious traffic over tor’. Proc. of the IEEE Int. Conf. on Computer Communications, 2014.
        . Proc. of the IEEE Int. Conf. on Computer Communications
    9. 9)
      • R. Dingledine , N. Mathewson , P. Syverson . (2004)
        9. Dingledine, R., Mathewson, N., Syverson, P.: ‘Tor: the second-generation onion router’. Technical report, Naval Research Laboratory, USA, 2004.
        .
    10. 10)
      • I. Stoica , R. Morris , D. Karger .
        10. Stoica, I., Morris, R., Karger, D., et al: ‘Chord: a scalable peer-to-peer lookup service for internet applications’. Proc. of the 2001 Conf. on Applications, Technologies, Architectures, and Protocols for Computer Communications, SIGCOMM 2001, 2001, pp. 149160. Available at http://doi.acm.org/10.1145/383059.383071.
        . Proc. of the 2001 Conf. on Applications, Technologies, Architectures, and Protocols for Computer Communications, SIGCOMM 2001 , 149 - 160
    11. 11)
      • J.R. Douceur .
        11. Douceur, J.R.: ‘The sybil attack’. Revised Papers from the First Int. Workshop on Peer-to-Peer Systems, IPTPS'01, 2002, pp. 251260. Available at http://dl.acm.org/citation.cfm?id=646334.687813.
        . Revised Papers from the First Int. Workshop on Peer-to-Peer Systems, IPTPS'01 , 251 - 260
    12. 12)
      • C. Lesniewski-Laas .
        12. Lesniewski-Laas, C.: ‘A sybil-proof one-hop dht’. Proc. of the 1st Workshop on Social Network Systems, SocialNets'08, 2008, pp. 1924. Available at http://doi.acm.org/10.1145/1435497.1435501.
        . Proc. of the 1st Workshop on Social Network Systems, SocialNets'08 , 19 - 24
    13. 13)
      • C. Lesniewski-Laas , M.F. Kaashoek .
        13. Lesniewski-Laas, C., Kaashoek, M.F.: ‘Whanau: a sybil-proof distributed hash table’. Proc. of the 7th USENIX Conf. on Networked Systems Design and Implementation, NSDI'10, 2010, pp. 88. Available at http://dl.acm.org/citation.cfm?id=1855711.1855719.
        . Proc. of the 7th USENIX Conf. on Networked Systems Design and Implementation, NSDI'10 , 8 - 8
    14. 14)
      • A. Biryukov , I. Pustogarov , P.-P. Weinmann .
        14. Biryukov, A., Pustogarov, I., Weinmann, P.-P.: ‘Detection, measurement and deanonymisation’. Proc. of IEEE Symp. on Security and Privacy, 2013, pp. 8094.
        . Proc. of IEEE Symp. on Security and Privacy , 80 - 94
    15. 15)
      • N. Christin .
        15. Christin, N.: ‘Traveling the silk road: a measurement analysis of a large anonymous online marketplace’. Proc. of the 22nd Int. Conf. on World Wide Web, 2013.
        . Proc. of the 22nd Int. Conf. on World Wide Web
    16. 16)
      • S. Samarawickrama , L. Jayaratne .
        16. Samarawickrama, S., Jayaratne, L.: ‘Automatic text classification and focused crawling’. Sixth Int. Conf. on Digital Information Management (ICDIM), 2011.
        . Sixth Int. Conf. on Digital Information Management (ICDIM)
    17. 17)
      • 17. Hermes Center for Transparency and Digital Human Rights: ‘Globaleaks platform’, 2014. Available at https://globaleaks.org/.
        .
    18. 18)
      • 18. Freedom of the Press Foundation: ‘Securedrop platform’, 2014. Available at https://pressfreedomfoundation.org/securedrop.
        .
    19. 19)
      • B. Stone-Gross , M. Cova , L. Cavallaro .
        19. Stone-Gross, B., Cova, M., Cavallaro, L., et al: ‘Your botnet is my botnet: analysis of a botnet takeover’. Proc. of the 16th ACM Conf. on Computer and Communications Security, CCS ‘09, 2009, pp. 635647. Available at http://doi.acm.org/10.1145/1653662.1653738.
        . Proc. of the 16th ACM Conf. on Computer and Communications Security, CCS ‘09 , 635 - 647
    20. 20)
      • N. Hopper .
        20. Hopper, N.: ‘Challenges in protecting tor hidden services from botnet abuse’. Proc. of Financial Cryptography and Data Security (FC'14), 2014.
        . Proc. of Financial Cryptography and Data Security (FC'14)
    21. 21)
      • A. Johnson , C. Wacek , R. Jansen .
        21. Johnson, A., Wacek, C., Jansen, R., et al: ‘Users get routed: traffic correlation on tor by realistic adversaries’. Proc. of the 20th ACM Conf. on Computer and Communications Security, 2013.
        . Proc. of the 20th ACM Conf. on Computer and Communications Security
    22. 22)
      • A. Kwon , M. AlSabah , D. Lazar .
        22. Kwon, A., AlSabah, M., Lazar, D., et al: ‘Circuit fingerprinting attacks: passive deanonymization of tor hidden services’. Proc. of the 24th USENIX Security Symp. (Security), 2015.
        . Proc. of the 24th USENIX Security Symp. (Security)
    23. 23)
      • Z. Ling , J. Luo , K. Wu .
        23. Ling, Z., Luo, J., Wu, K., et al: ‘Protocol-level hidden server discovery’. Proc. of the 32nd IEEE Int. Conf. on Computer Communications, 2013.
        . Proc. of the 32nd IEEE Int. Conf. on Computer Communications
http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2015.0121
Loading

Related content

content/journals/10.1049/iet-ifs.2015.0121
pub_keyword,iet_inspecKeyword,pub_concept
6
6
Loading
This is a required field
Please enter a valid email address