Master of Science in Engineering in Computer Science
Web Security and Privacy, a.y. 2016-17
Prof. D’Amore Fabrizio
Author: Botticelli Biagio - botticelli.1212666@studenti.uniroma1.it
Anonymity in the Web
based on
Routing Protocols
1. TOR: The Onion Routing
Anonymity in the Web based on Routing Protocols 3
Internet as a Public network
Internet: a global network connecting the world, designed to be PUBLIC.
The packets travelling over the Web carry information about sender and destination, and the routers exchanging the traffic can monitor and analyze them.
Encryption is used to secure the data: it hides the payload, not the routing information.
Data Mining & Correlation: Traffic Analysis has become a huge business: 680 Billion US $
So, even tunnel-mode encryption reveals at least the IP addresses of the gateways.
NO Anonymity in Internet
Internet users may suffer violations of their right to PRIVACY since they have NO ANONYMITY.
ANONYMITY is the property which makes a user:
• NON-IDENTIFIABLE: user activities are hidden among similar activities of other users;
• UNOBSERVABLE: the system or protocol used by the user cannot be established;
• UNTRACEABLE: the user and the performed action cannot be linked.
TOR - The Onion Router
TOR - THE ONION ROUTER: the most popular free and distributed anonymity network. It uses an overlay network that lets people improve their PRIVACY and SECURITY by concealing their location and activity from anyone conducting Network Surveillance or Traffic Analysis over the Internet.
Born as a research project of the U.S. Naval Research Laboratory in 1995 and definitively deployed in 2003. Today, development and network management are handled by the Tor Project Inc.
TOR NETWORK: TOR users want to prevent websites from tracking them, or to connect to internet services blocked by their local Internet providers.
More than 7000 relays and 2.5 million users!
Simple Internet Connection (neither TOR nor HTTPS)
[Diagram: plain connection between the user and the site]
All components of the network can see all the user information…
NOT SECURE & NOT ANONYMOUS!
Connection using HTTPS
[Diagram: connection protected by HTTPS]
SECURE & NOT ANONYMOUS!
ENCRYPTION hides the payload, but the routing information is still visible…
Connection using TOR
[Diagram: connection through the Tor network]
TOR NETWORK = Black Box
ENTRY POINT knows only the source; EXIT POINT knows only the destination; MIDDLE RELAY knows neither the source nor the destination.
NOT SECURE & ANONYMOUS!
The attacker can see only that the user is accessing TOR, but not the content of the communication. The User IP is not seen!
Connection with TOR & HTTPS
[Diagram: connection through the Tor network, protected by HTTPS]
TOR used together with HTTPS: SECURITY is guaranteed.
SECURE & ANONYMOUS!
The Onion Routing
The encrypted message is sent over the virtual circuit: each OR learns the next hop only by decrypting its own layer of encryption, and forwards what remains once that layer has been removed.
The last node (exit point) delivers the original message (in clear) to the destination without knowing the source.
TELESCOPIC ENCRYPTION: while generating the random path, the user establishes a shared AES key with each of the selected ONION RELAYS. The message is then encrypted multiple times, creating one layer for each OR, from the farthest (exit point) to the nearest (entry point).
TOR Network
[Diagram: Tor Client, Directory Server, Destination Server and the Onion Relays OR1 (Entry Relay), OR2 (Middle Relay), OR3, OR4, OR5 (Middle Relay), OR6 (Exit Relay); legend: Encrypted by Tor / Not-Encrypted by Tor]
The user contacts the Directory Server and builds the circuit: OR1, OR2, OR5, OR6.
The message m travels through the circuit as:
{{{{m}6}5}2}1 → {{{m}6}5}2 → {{m}6}5 → {m}6 → m
A response must follow the same path in the reverse direction:
r → {r}6 → {{r}6}5 → {{{r}6}5}2 → {{{{r}6}5}2}1
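As an added illustration (not code from the original slides), the layered encryption of the circuit OR1, OR2, OR5, OR6 above, with each OR peeling one layer and learning only its neighbours, and the reply re-wrapped hop by hop. The per-hop cipher is a SHA-256 counter-mode keystream with an HMAC tag standing in for the AES layer the slide names; the source and destination names, keys and messages are constructed.

```python
import hashlib
import hmac
import os

# Circuit from the slide: OR1 (entry), OR2 and OR5 (middle), OR6 (exit).
CIRCUIT = ["OR1", "OR2", "OR5", "OR6"]
SOURCE = "tor-client"                 # constructed endpoint names
DESTINATION = "destination-server"


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """SHA-256 in counter mode. Stand-in for the per-hop AES layer on the
    slide (AES is not in the Python standard library); same layering."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def wrap(key: bytes, plaintext: bytes) -> bytes:
    """Add one layer: nonce || ciphertext || HMAC tag (encrypt-then-MAC)."""
    nonce = os.urandom(12)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unwrap(key: bytes, blob: bytes) -> bytes:
    """Remove one layer; a relay refuses a layer whose tag does not verify."""
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("layer integrity check failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


def build_onion(keys: dict, circuit: list, dest: str, m: bytes) -> bytes:
    """Client side: wrap from the farthest hop (exit) to the nearest (entry).
    The next-hop name sits inside each layer, so a relay learns where to
    forward only after peeling its own layer: {{{{m}6}5}2}1."""
    hops = circuit + [dest]
    onion = m
    for i in range(len(circuit) - 1, -1, -1):
        next_hop = hops[i + 1].encode()
        onion = wrap(keys[circuit[i]], bytes([len(next_hop)]) + next_hop + onion)
    return onion


def relay_forward(keys: dict, relay: str, blob: bytes):
    """One OR peels its layer and returns (next hop, remaining onion)."""
    inner = unwrap(keys[relay], blob)
    n = inner[0]
    return inner[1:1 + n].decode(), inner[1 + n:]


def send_through_circuit(keys: dict, circuit: list, dest: str, m: bytes):
    """Forward path. Returns (bytes delivered by the exit, per-relay view);
    a relay's view is all it learns: (previous hop, next hop)."""
    views = {}
    blob = build_onion(keys, circuit, dest, m)
    prev = SOURCE
    for relay in circuit:
        next_hop, blob = relay_forward(keys, relay, blob)
        views[relay] = (prev, next_hop)
        prev = relay
    return blob, views          # the exit delivers m in clear to next_hop == dest


def reply_through_circuit(keys: dict, circuit: list, r: bytes) -> bytes:
    """Reverse path: each OR, exit first, adds its own layer
    (r -> {r}6 -> {{r}6}5 -> ...); the client peels them entry key first."""
    blob = r
    for relay in reversed(circuit):
        blob = wrap(keys[relay], blob)
    for relay in circuit:
        blob = unwrap(keys[relay], blob)
    return blob


if __name__ == "__main__":
    keys = {relay: os.urandom(32) for relay in CIRCUIT}   # constructed per-hop shared keys
    delivered, views = send_through_circuit(keys, CIRCUIT, DESTINATION, b"GET / HTTP/1.1")
    for relay, (prev, nxt) in views.items():
        print(f"{relay}: receives from {prev}, forwards to {nxt}")
    print("exit delivers:", delivered)
    print("client receives:", reply_through_circuit(keys, CIRCUIT, b"HTTP/1.1 200 OK"))
```

Note that OR5's view is (OR2, OR6): the middle relay sees neither the client nor the destination, which is the property the slide claims.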
TOR: Pros & Cons
ADVANTAGES:
• Anonymity
• Security
• Hidden IP
• VPN Doubled Security
• Hard to Attack
• Open Source
• Easy & Free
• Well Supported
DISADVANTAGES:
• Performance
• End Node Decryption
• Traffic Encryption
• Possibility to be Targeted
• 3rd Party Applications
• User Purposes
Attacks against TOR
• Traffic Analysis Attack: Routing Attacks on Privacy in Tor (RAPTOR)
The attack is based on a known vulnerability: an adversary who can observe the traffic at both ends of the Tor communication channel (i.e., the first link Client → Tor and the last link Tor → Server) can correlate packet sizes and packet timings to de-anonymize Tor users.
• Browser-based Attack: Torbutton Attack
The attack is delivered by a malicious exit node using a Man-In-The-Middle (MITM) attack on HTTP; it tricks the user’s web browser into sending a distinctive signal over the Tor network which can be detected using traffic analysis.
• Anonymously De-Anonymizing/Disabling the Tor Network: Sniper Attack
The attack is a Denial-of-Service (DoS) that exploits a vulnerability in the design of Tor’s flow control algorithm to remotely crash a victim Tor relay by exhausting its memory.
• Passive De-Anonymization of Hidden Services: Circuit Fingerprinting Attacks
The attack adapts Website Fingerprinting to discover and classify Tor hidden service circuits (breaking their anonymity); it is based on the Cumulative Distribution Function (CDF) of key factors related to hidden services: the Duration Of Activity (DOA), Incoming Cells and Outgoing Cells.
• Exposing Malicious Tor Exit Relays: Spoiled Onions
The project focuses on finding and countering people who run malicious exit relays in order to tamper with connections and/or deanonymize users. To do that, the researchers developed ExitMap (an exit relay scanner) for revealing the intent of malicious hidden services, HoneyConnector (a framework to detect sniffing exit relays) and a patch for the Torbutton browser extension which fetches and compares suspicious X.509 certificates.
2. I2P: Invisible Internet Project
I2P: Garlic Routing
Garlic Routing is often used to refer to the Invisible Internet Project (I2P), a message-oriented, peer-to-peer-based (P2P), low-latency anonymous communication network. Each user runs the I2P router, which is the core part of the I2P software.
All messages are relayed through tunnels: a tunnel is a unidirectional encrypted virtual connection between (typically) 2 or 3 peers. Since tunnels can only be used in one direction, separate tunnels for outgoing and incoming traffic need to be built, namely outbound and inbound tunnels.
Messages sent through the I2P network are end-to-end encrypted using garlic encryption: a variation of the Onion Routing design based on garlic messages, which can contain multiple data messages with additional routing instructions, called cloves.
The encryption used in I2P, called ElGamal/AES+SessionTags, is a combination of symmetric and asymmetric encryption algorithms which provides data confidentiality and integrity to garlic messages.
A single garlic message may contain multiple data messages for different recipients.
I2P vs TOR
TOR                                   | I2P
Bidirectional Circuit                 | Unidirectional Tunnel
Proxy Server (SOCKS)                  | Middleware (I2P API)
Entry Guards                          | Entry Guards not needed
End-to-End Encryption not guaranteed  | Tunnel Encryption (End-to-End)
AES                                   | ElGamal/AES+SessionTags
Low computational power nodes         | Nodes with sufficient capacities
Possible Congestion                   | No Congestion
Semi-Distributed                      | Fully Distributed
Better performance                    | Worse performance
More Visibility and Greater Community | Less known
C-based                               | Java-based
3. Hidden Services
Internet as Set of Subsets
[Diagram: nested subsets of the Internet]
• Surface Web (Accessible & Indexed)
• Deep Web (Accessible & Not-Indexed)
• Dark Web (Restricted & Not-Indexed): Tor hidden services operate here!
TOR Hidden Services
Hidden Services (identified by the top-level domain .onion) are a particular type of websites/servers located inside the Tor Network, which receive inbound connections only through Tor: they allow a Tor user to offer a TCP service without revealing its network identity (IP address, thus location), while providing encryption at every hop from a client to the hidden service.
They provide server anonymity in addition to the client anonymity that Tor offers by default.
Hidden Services can be reached by using particular building blocks, called Rendezvous Points (RPs).
Hidden Service: Setup 1
The HS randomly chooses some relays as Introduction Points (IPs) that will be used to receive inbound connections from clients, and builds Tor circuits to them.
[Diagram: Tor Client (Onion Proxy), Tor Onion Server, DB, IP1, IP2, IP3]
Hidden Service: Setup 2
The HS creates an HS Descriptor containing its public key and a summary of the chosen Introduction Points, signs the descriptor with its key and sends it to the distributed Hash Table.
An onion address abc.onion (where abc is a name of 16 characters) is derived from the HS’s public key.
[Diagram: the HS publishes "IP1-IP3, Public key" to the DB]
Hidden Service: Setup 3
A Client can query the distributed Hash Table using the onion address of the hidden service, abc.onion, obtaining the HS descriptor. The client then creates a circuit to another randomly chosen Tor relay, which will act as Rendezvous Point, and tells it a One-Time Secret (auth cookie).
[Diagram: the client fetches the descriptor from the DB and sends "auth" to the RP]
Hidden Service: Setup 4
The Client establishes a circuit to one of the IPs and sends it an Introduce Message, encrypted with the HS’s public key, containing the RP address and the One-Time Secret (auth cookie), asking the IP to forward it to the HS.
[Diagram: the client sends "RP, auth" to an IP]
Hidden Service: Setup 5
The HS receives the Introduce Message: it decrypts the message, finding the RP address and the one-time secret; then the HS builds a circuit to the RP, providing the auth cookie in the Rendezvous Message.
[Diagram: the HS connects to the RP with "auth"]
Hidden Service: Setup 6
The RP receives and verifies the one-time secret, checking that it is the same as the one previously received from the client. Then it notifies the outcome of the connection establishment.
The Client and the HS can now use their circuits to the RP to communicate with each other: the RP simply forwards encrypted messages between them.
[Diagram: the client and the HS joined through the RP]
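As an added example, not part of the original slides, the six setup steps above as a simulated exchange between hidden service, directory DB, introduction point, rendezvous point and client. The onion address is derived the way the v2 scheme does it (base32 of the first 80 bits of SHA-1 over the public key, giving the 16-character name the slide mentions; current v3 addresses are longer and built differently); the public key bytes, relay names and cookie are constructed, and the descriptor signature and the encryption of the Introduce Message to the HS key are not modelled.

```python
import base64
import hashlib
import random
import secrets

RELAYS = [f"relay{i}" for i in range(1, 11)]   # constructed relay names
INTRO_CIRCUITS = {}   # introduction point -> hidden service holding a circuit to it


def onion_address(public_key_der: bytes) -> str:
    """Address derived from the HS public key, as the slide states: base32 of
    the first 80 bits of SHA-1 over the key gives the 16-character name."""
    digest = hashlib.sha1(public_key_der).digest()[:10]
    return base64.b32encode(digest).decode().lower() + ".onion"


class DirectoryDB:
    """In-memory stand-in for the distributed hash table holding descriptors."""
    def __init__(self):
        self.descriptors = {}

    def publish(self, address: str, descriptor: dict):
        self.descriptors[address] = descriptor

    def lookup(self, address: str):
        return self.descriptors.get(address)


class RendezvousPoint:
    """Setup 3 and 6: keeps the client's one-time secret, then checks the copy
    presented by the hidden service before joining the two circuits."""
    def __init__(self, name: str):
        self.name = name
        self.pending = {}   # cookie -> client waiting on this RP
        self.joined = []    # (client, hidden service) pairs relayed by this RP

    def establish(self, client, cookie: bytes):
        self.pending[cookie] = client

    def rendezvous(self, hs, cookie: bytes) -> bool:
        for expected, client in list(self.pending.items()):
            if secrets.compare_digest(expected, cookie):
                del self.pending[expected]
                self.joined.append((client, hs))
                return True
        return False   # unknown secret: nothing is joined


class HiddenService:
    def __init__(self, public_key_der: bytes):
        self.public_key_der = public_key_der
        self.address = onion_address(public_key_der)
        self.introduction_points = random.sample(RELAYS, 3)   # Setup 1
        for ip in self.introduction_points:
            INTRO_CIRCUITS[ip] = self                          # circuit HS -> IP

    def descriptor(self) -> dict:
        # Setup 2: public key plus the chosen IPs. Tor also signs the
        # descriptor with the HS key; the signature is not modelled here.
        return {"public_key": self.public_key_der,
                "introduction_points": list(self.introduction_points)}

    def on_introduce(self, message: dict) -> bool:
        # Setup 5: read RP and cookie (in Tor they arrive encrypted to the HS
        # key), build a circuit to the RP and present the cookie (Rendezvous Message).
        return message["rendezvous_point"].rendezvous(self, message["cookie"])


def client_connect(address: str, db: DirectoryDB) -> RendezvousPoint:
    """Client side of Setup 3 and 4; returns the RP once both circuits are joined."""
    desc = db.lookup(address)
    if desc is None:
        raise LookupError("no descriptor for " + address)
    # The address is bound to the key: a descriptor whose key does not hash
    # to the typed address is not the service the user asked for.
    if onion_address(desc["public_key"]) != address:
        raise ValueError("descriptor public key does not match the onion address")
    rp = RendezvousPoint(random.choice(RELAYS))        # Setup 3
    cookie = secrets.token_bytes(20)                   # one-time secret (auth cookie)
    rp.establish("client", cookie)
    ip = random.choice(desc["introduction_points"])    # Setup 4
    introduce = {"rendezvous_point": rp, "cookie": cookie}
    if not INTRO_CIRCUITS[ip].on_introduce(introduce):
        raise ConnectionError("rendezvous point rejected the secret")
    return rp


if __name__ == "__main__":
    db = DirectoryDB()
    hs = HiddenService(b"constructed-public-key-bytes-not-a-real-key")
    db.publish(hs.address, hs.descriptor())
    print("hidden service at", hs.address, "with IPs", hs.introduction_points)
    rp = client_connect(hs.address, db)
    print("joined at", rp.name, ":", rp.joined)
```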
4. Practical Implementation
Hidden Service in practice…
The steps to set up a hidden service on a Debian-based VM with SSH and the nginx web server already installed are:
• Install Tor through the official repositories (official tutorial);
• Configure Tor by editing the configuration file /etc/tor/torrc: the values to modify are HiddenServiceDir and HiddenServicePort, i.e. the path and the port on which the HS will be set up;
• Reload the Tor configuration with service tor reload: some new files are created in the Tor directory; the one called hostname in the directory /var/lib/tor/hidden_service/ contains the .onion address;
• Configure nginx not to reveal sensitive information: edit the configuration file nginx.conf (in the directory /etc/nginx/), hiding the version and disabling the logs by setting server_tokens to off, sending the error_log to /dev/null at level crit and commenting out the access_log and error_log rows;
• Create the web page: an index.html page should be created in the nginx default directory /var/www/html/ to display the SHA512 hash value of my email address (obtained with the hashlib Python library);
• Configure nginx to offer the web page on Tor: edit the site configuration file in the nginx default directory /etc/nginx/sites-available/default with the values specified in the previous steps (localhost, port number 8080);
• Restart the web server with service nginx restart.
If all the steps are correctly executed…
The hidden service is online in the Tor Network!
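As an added example (not from the original slides), a check of the two configuration files from the steps above, run over a constructed weak torrc/nginx pair and the hardened pair the steps describe. It assumes the explicit directive forms server_tokens off, access_log off and error_log /dev/null crit, treats any listener or HiddenServicePort target outside loopback as a finding (a web server reachable on a public interface is no longer hidden), and also produces the SHA512 index page with hashlib.

```python
import hashlib
import re

# Constructed configuration fragments (not the slide author's files). The weak
# pair exposes the web server on every interface and keeps banner and logs;
# the hardened pair follows the settings listed in the steps above.
WEAK_TORRC = """\
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 0.0.0.0:8080
"""
WEAK_NGINX = """\
server {
    listen 8080;
    root /var/www/html;
    access_log /var/log/nginx/access.log;
}
"""
HARDENED_TORRC = """\
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:8080
"""
HARDENED_NGINX = """\
server_tokens off;
error_log /dev/null crit;
server {
    listen 127.0.0.1:8080;
    root /var/www/html;
    access_log off;
}
"""

LOOPBACK = ("127.0.0.1", "localhost", "[::1]")


def audit_torrc(text: str) -> list:
    """Findings for the torrc: the HS must exist and forward to loopback only."""
    findings = []
    if not re.search(r"^\s*HiddenServiceDir\s+\S+", text, re.M):
        findings.append("torrc: no HiddenServiceDir line")
    ports = re.findall(r"^\s*HiddenServicePort\s+(\d+)\s+(\S+)", text, re.M)
    if not ports:
        findings.append("torrc: no HiddenServicePort line")
    for vport, target in ports:
        # A bare port target means 127.0.0.1:<port> to Tor; otherwise split host:port.
        host = target.rsplit(":", 1)[0] if ":" in target else "127.0.0.1"
        if host not in LOOPBACK:
            findings.append(f"torrc: HiddenServicePort {vport} forwards to {target}, not loopback")
    return findings


def audit_nginx(text: str) -> list:
    """Findings for nginx: no version banner, no logs, bound to loopback only
    (a listener on all interfaces makes the 'hidden' server reachable directly)."""
    findings = []
    if not re.search(r"^\s*server_tokens\s+off\s*;", text, re.M):
        findings.append("nginx: server_tokens not off (version banner disclosed)")
    for listen in re.findall(r"^\s*listen\s+([^;]+);", text, re.M):
        addr = listen.split()[0]
        host = addr.rsplit(":", 1)[0] if ":" in addr else ""
        if host not in LOOPBACK:
            findings.append(f"nginx: listen {addr} is not restricted to loopback")
    if not re.search(r"^\s*access_log\s+off\s*;", text, re.M):
        findings.append("nginx: access_log not disabled (visitor activity recorded)")
    if not re.search(r"^\s*error_log\s+/dev/null\s+crit\s*;", text, re.M):
        findings.append("nginx: error_log not sent to /dev/null at level crit")
    return findings


def index_html(email: str) -> str:
    """The index.html from the steps: it shows only the SHA512 of the address."""
    return "<html><body><p>" + hashlib.sha512(email.encode()).hexdigest() + "</p></body></html>\n"


if __name__ == "__main__":
    for label, torrc, nginx in (("weak", WEAK_TORRC, WEAK_NGINX),
                                ("hardened", HARDENED_TORRC, HARDENED_NGINX)):
        print(label, audit_torrc(torrc) + audit_nginx(nginx) or ["no findings"])
    print(index_html("someone@example.com"))   # constructed address
```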
References
• F. D’Amore - Lecture of Web Security and Privacy (2017) - A simple introduction to Tor
• R. Dingledine, N. Mathewson, P. Syverson - Tor: The Second-Generation Onion Router
• A. Davidsson - Tor: The Onion Routing network
• D. McCoy, K. Bauer, D. Grunwald, T. Kohno, D. Sicker - Shining Light in Dark Places: Understanding the Tor Network
• M. G. Reed, P. F. Syverson, D. M. Goldschlag - Anonymous Connections and Onion Routing
• Y. Sun, A. Edmundson, L. Vanbever, O. Li - RAPTOR: Routing Attacks on Privacy in Tor
• T. Abbott, K. Lai, M. Lieberman, E. Price - Browser-Based Attacks on Tor
• R. Jansen, F. Tschorsch, A. Johnson, B. Scheuermann - The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network
• P. Winter, R. Köwer, M. Mulazzani, M. Huber, S. Schrittwieser, S. Lindskog, E. Weippl - Spoiled Onions: Exposing Malicious Tor Exit Relays
• A. Kwon, M. AlSabah, D. Lazar, M. Dacier, S. Devadas - Circuit Fingerprinting Attacks: Passive Deanonymization of Tor Hidden Services
• T. Wang, X. Cai, R. Nithyanand, R. Johnson, I. Goldberg - Effective Attacks and Provable Defenses for Website Fingerprinting
• The Invisible Internet Project: web page
• Infosec Institute: Introduction to Anonymizing Networks - Tor vs I2P
• B. Conrad, F. Shirazi - A Survey on Tor and I2P
• M. Ehlert - I2P usability vs. Tor usability: a bandwidth and latency comparison
• Tor: Hidden Service Protocol webpage
• Installing Tor on Debian/Ubuntu tutorial
Contacts
Biagio Botticelli - 1212666
botticelli.1212666@studenti.uniroma1.it
biagiobotticelli@yahoo.it
LinkedIn

Contenu connexe

Tendances

Chapter 9 security privacy csc
Chapter 9 security privacy cscChapter 9 security privacy csc
Chapter 9 security privacy csc
Hisyam Rosly
 
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICESURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
Editor IJMTER
 
Wpa2 hole196-vulnerability
Wpa2 hole196-vulnerabilityWpa2 hole196-vulnerability
Wpa2 hole196-vulnerability
khalidbaig
 

Tendances (17)

IoT Vulnerability Analysis and IOT In security Controls
IoT Vulnerability Analysis and IOT In security ControlsIoT Vulnerability Analysis and IOT In security Controls
IoT Vulnerability Analysis and IOT In security Controls
 
LATTICE STRUCTURAL ANALYSIS ON SNIFFING TO DENIAL OF SERVICE ATTACKS
LATTICE STRUCTURAL ANALYSIS ON SNIFFING TO DENIAL OF SERVICE ATTACKSLATTICE STRUCTURAL ANALYSIS ON SNIFFING TO DENIAL OF SERVICE ATTACKS
LATTICE STRUCTURAL ANALYSIS ON SNIFFING TO DENIAL OF SERVICE ATTACKS
 
RAT - Kill or Get Killed! by Karan Bansal
RAT - Kill or Get Killed! by Karan BansalRAT - Kill or Get Killed! by Karan Bansal
RAT - Kill or Get Killed! by Karan Bansal
 
285 288
285 288285 288
285 288
 
Lec 1 apln security(4pd)
Lec  1 apln security(4pd)Lec  1 apln security(4pd)
Lec 1 apln security(4pd)
 
Privacy and security in IoT
Privacy and security in IoTPrivacy and security in IoT
Privacy and security in IoT
 
EFFECT MAN-IN THE MIDDLE ON THE NETWORK PERFORMANCE IN VARIOUS ATTACK STRATEGIES
EFFECT MAN-IN THE MIDDLE ON THE NETWORK PERFORMANCE IN VARIOUS ATTACK STRATEGIESEFFECT MAN-IN THE MIDDLE ON THE NETWORK PERFORMANCE IN VARIOUS ATTACK STRATEGIES
EFFECT MAN-IN THE MIDDLE ON THE NETWORK PERFORMANCE IN VARIOUS ATTACK STRATEGIES
 
Security in IoT
Security in IoTSecurity in IoT
Security in IoT
 
Bot net detection by using ssl encryption
Bot net detection by using ssl encryptionBot net detection by using ssl encryption
Bot net detection by using ssl encryption
 
Introduction to Cyber security module - III
Introduction to Cyber security module - IIIIntroduction to Cyber security module - III
Introduction to Cyber security module - III
 
Chapter 9 security privacy csc
Chapter 9 security privacy cscChapter 9 security privacy csc
Chapter 9 security privacy csc
 
Chapter 2
Chapter 2Chapter 2
Chapter 2
 
Botnets
BotnetsBotnets
Botnets
 
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICESURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
 
Tracing Back The Botmaster
Tracing Back The BotmasterTracing Back The Botmaster
Tracing Back The Botmaster
 
Report of android hacking
Report of android hackingReport of android hacking
Report of android hacking
 
Wpa2 hole196-vulnerability
Wpa2 hole196-vulnerabilityWpa2 hole196-vulnerability
Wpa2 hole196-vulnerability
 

Similaire à Anonymity in the web based on routing protocols

Tor the onion router
Tor  the onion routerTor  the onion router
Tor the onion router
Ashly Liza
 

Similaire à Anonymity in the web based on routing protocols (20)

Onion Routing.ppt
Onion Routing.pptOnion Routing.ppt
Onion Routing.ppt
 
Introduction to Tor
Introduction to TorIntroduction to Tor
Introduction to Tor
 
Onion routing and tor: Fundamentals and Anonymity
Onion routing and tor: Fundamentals and AnonymityOnion routing and tor: Fundamentals and Anonymity
Onion routing and tor: Fundamentals and Anonymity
 
TOR NETWORK
TOR NETWORKTOR NETWORK
TOR NETWORK
 
tor
tortor
tor
 
Tor Network
Tor NetworkTor Network
Tor Network
 
Tor the onion router
Tor  the onion routerTor  the onion router
Tor the onion router
 
Tor
TorTor
Tor
 
Onion protocol
Onion protocolOnion protocol
Onion protocol
 
Overlay networks
Overlay networksOverlay networks
Overlay networks
 
TOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying MarkersTOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying Markers
 
Anonymity in the Web based on Routing Protocols
Anonymity in the Web based on Routing ProtocolsAnonymity in the Web based on Routing Protocols
Anonymity in the Web based on Routing Protocols
 
Tor the onion router
Tor   the onion routerTor   the onion router
Tor the onion router
 
Tor
TorTor
Tor
 
Comparison of Anonymous Communication Networks-Tor, I2P, Freenet
Comparison of Anonymous Communication Networks-Tor, I2P, FreenetComparison of Anonymous Communication Networks-Tor, I2P, Freenet
Comparison of Anonymous Communication Networks-Tor, I2P, Freenet
 
The Onion Routing (TOR)
The Onion Routing (TOR)The Onion Routing (TOR)
The Onion Routing (TOR)
 
(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk   anonymous network concepts and implementation(130727) #fitalk   anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation
 
DEF CON 27 - ROGER DINGLEDINE -tor censorship arms race
DEF CON 27 - ROGER DINGLEDINE -tor censorship arms raceDEF CON 27 - ROGER DINGLEDINE -tor censorship arms race
DEF CON 27 - ROGER DINGLEDINE -tor censorship arms race
 
Introduction to anonymity network tor
Introduction to anonymity network torIntroduction to anonymity network tor
Introduction to anonymity network tor
 
Anonymity Network TOR
Anonymity Network TOR Anonymity Network TOR
Anonymity Network TOR
 

Plus de Biagio Botticelli

Plus de Biagio Botticelli (7)

Control of Communication and Energy Networks Final Project - Service Function...
Control of Communication and Energy Networks Final Project - Service Function...Control of Communication and Energy Networks Final Project - Service Function...
Control of Communication and Energy Networks Final Project - Service Function...
 
System and Enterprise Security Project - Penetration Testing
System and Enterprise Security Project - Penetration TestingSystem and Enterprise Security Project - Penetration Testing
System and Enterprise Security Project - Penetration Testing
 
Web Information Retrieval - Homework 1
Web Information Retrieval - Homework 1Web Information Retrieval - Homework 1
Web Information Retrieval - Homework 1
 
State of the Art: IoT Honeypots
State of the Art: IoT HoneypotsState of the Art: IoT Honeypots
State of the Art: IoT Honeypots
 
Blockchain for IoT - Smart Home
Blockchain for IoT - Smart HomeBlockchain for IoT - Smart Home
Blockchain for IoT - Smart Home
 
Smart Team Tracking Project: Group Tracking
Smart Team Tracking Project: Group Tracking Smart Team Tracking Project: Group Tracking
Smart Team Tracking Project: Group Tracking
 
Adafruit Huzzah Esp8266 WiFi Board
Adafruit Huzzah Esp8266 WiFi BoardAdafruit Huzzah Esp8266 WiFi Board
Adafruit Huzzah Esp8266 WiFi Board
 

Dernier

Integrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - NeometrixIntegrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - Neometrix
Neometrix_Engineering_Pvt_Ltd
 
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
notes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptnotes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.ppt
MsecMca
 

Dernier (20)

Integrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - NeometrixIntegrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - Neometrix
 
Double Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torqueDouble Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torque
 
A Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna MunicipalityA Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna Municipality
 
Minimum and Maximum Modes of microprocessor 8086
Minimum and Maximum Modes of microprocessor 8086Minimum and Maximum Modes of microprocessor 8086
Minimum and Maximum Modes of microprocessor 8086
 
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune  6297143586  Hot Model With Sexy Bhabi Ready For ...Bhosari ( Call Girls ) Pune  6297143586  Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
 
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
Block diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptBlock diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.ppt
 
Introduction to Serverless with AWS Lambda
Introduction to Serverless with AWS LambdaIntroduction to Serverless with AWS Lambda
Introduction to Serverless with AWS Lambda
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPT
 
notes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptnotes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.ppt
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 
Hostel management system project report..pdf
Hostel management system project report..pdfHostel management system project report..pdf
Hostel management system project report..pdf
 
Work-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptxWork-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptx
 
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
 
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
 
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
 
Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...
Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...
Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...
 
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdfONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 

Anonymity in the web based on routing protocols

  • 1. Master of Science in Engineering in Computer Science Web Security and Privacy, a.y. 2016-17 Prof. D’Amore Fabrizio Author: Botticelli Biagio - botticelli.1212666@studenti.uniroma1.it Anonymity in the Web based on Routing Protocols
  • 3. Anonymity in the Web based on Routing Protocols 3 Internet as a Public network Internet: global network connecting the world designed to be PUBLIC. The packets over the Web contain information about sender and destination and routers exchanging the traffic can monitor and analyze them. Encryption is used to secure the data: it hides the payload, not the routing information. Data Mining & Correlation: Traffic Analysis is became a huge business! : 680 Billion US $ So, even the tunnel mode encryption reveals at least the IP addresses of gateways.
  • 4. ? Anonymity in the Web based on Routing Protocols NO Anonymity in Internet Internet users may suffer violations of their right to PRIVACY since they have NO ANONYMITY 4 ANONYMITY is the property which makes an user: • NON-IDENTIFIABLE: user activities are hidden among similar activities of other users; • UNOBSERVABLE: system or protocol used by the user cannot be established; • UNTRACEABLE: user and the performed action cannot be linked.
  • 5. Anonymity in the Web based on Routing Protocols 5 TOR - The Onion Router TOR - THE ONION ROUTER : the most popular free and distributed anonymity network which uses an overlay network allowing people to improve their PRIVACY and SECURITY by concealing their location and activity from anyone conducting Network Surveillance or Traffic Analysis over the Internet. Born as a research project of the U.S. Naval Research Laboratory in 1995 and definitely deployed in 2003. Today, development and network management is handled by the Tor Project Inc. TOR NETWORK: TOR users want to prevent websites from tracking them, or to connect to those internet services blocked by their local Internet providers. More than 7000 relays and 2.5 millions of users!
  • 6. Anonymity in the Web based on Routing Protocols 6 Simple Internet Connection TOR HTTPS All components of the network can see all the user information… NOT SECURE & NOT ANONYMOUS!
  • 7. Anonymity in the Web based on Routing Protocols 7 Connection using HTTPS TOR HTTPS SECURE & NOT ANONYMOUS! ENCRYPTION hides payload; but, routing informations are still visible…
  • 8. Anonymity in the Web based on Routing Protocols 8 Connection using TOR TOR HTTPS TOR NETWORK = Black Box ENTRY POINT knows only the source EXIT POINT knows only the destination MIDDLE RELAY knows neither the source nor the destination NOT SECURE & ANONYMOUS! The attacker can see only that the user is accessing TOR, but not the content of the communication The User IP is not seen!
  • 9. Anonymity in the Web based on Routing Protocols 9 Connection with TOR & HTTPS TOR HTTPS TOR used together with HTTPS: SECURITY is guaranteed SECURE & ANONYMOUS!
  • 10. Anonymity in the Web based on Routing Protocols 10 The Onion Routing The encrypted message is sent over the virtual circuit: each OR knows the next hop only by decrypting its layer of encryption and it forwards the remaining unencrypted data. The last node (exit point) delivers the original message (in clear) to the destination without knowing the source. TELESCOPIC ENCRYPTION: while generating the random path, the user uses AES encryption algorithm to create shared keys with the selected ONION RELAYS. The message is encrypted multiple times, creating a layer for each OR from the farthest (exit point) to the nearest (entry point).
  • 11. Anonymity in the Web based on Routing Protocols 11 TOR Network Tor Client Encrypted by Tor Not-Encrypted by Tor Destination Server Directory Server Entry Relay OR1 Middle Relay OR2 Onion Relay OR3 Onion Relay OR4 Middle Relay OR5 Exit Relay OR6 The uses contacts the Directory Server and builds the circuit: OR1 , OR2 , OR5 , OR6 {{{{m}6}5}2}1 {{{m}6}5}2 {{m}6}5 {m}6 m A Response must follow the same path in reverse direction r {r}6 {{r}6}5 {{{r}6}5}2 {{{{r}6}5}2}1
  • 12. Anonymity in the Web based on Routing Protocols 12 TOR: Pros & Cons ADVANTAGES DISADVANTAGES Anonimity Performances Security End Node Decryption Hidden IP Traffic Encryption VPN Doubled Security Possibility to be Targeted Hard to Attack 3rd Party Applications Open Source User Purposes Easy & Free Well Supported
  • 13. Anonymity in the Web based on Routing Protocols 13 Attacks against TOR • Traffic Analysis Attack: Routing Attacks on Privacy in Tor (RAPTOR) The attack is based on a known vulnerability: an adversary who can observe the traffic on both endpoints of the Tor communication channel (i.e., the first link Client → Tor and the last link Tor → Server), he can correlate packet sizes and packet timings to de-anonymize Tor users. • Browser-based Attack: Torbutton Attack The attack is delivered by a malicious exit node using a Man-In-The-Middle (MITM) attack on HTTP and it tricks the user’s web browser into sending a distinctive signal over the Tor network which can be detected using traffic analysis. • Anonymously De-Anonymizing/Disabling the Tor Network: SNIPER Attack The attack is a Denial-of-Service (DoS) that exploits a vulnerability in the design of Tor’s flow control algorithm to remotely crash a victim Tor relay by exhausting its memory resources. • Passive De-Anonymization of Hidden Service: Circuit Fingerprinting Attacks The attack emulates the Website Fingerprinting to discover and classify Tor hidden services circuits (breaking their anonymity) and it’s based on the Cumulative Distribution Function (CDF) of different key factors which are related to hidden services: the Duration Of Activity (DOA), Incoming Cells and Outgoing Cells. • Exposing Malicious Tor Exit Relays: Spoiled Onions The project focuses on finding and counter-attacking people who run malicious exit relays in order to tamper connections and or deanonymize users. In order to do that, the researchers developed ExitMap (exit relay scanner) for revealing the intent of malicious hidden services, HoneyConnector (framework to detect sniffing exit relays) and a browser extension (Torbutton) patch which fetches and compares suspicious X.509 certificates.
  • 15. I2P: Garlic Routing
    Garlic Routing is often used to refer to the Invisible Internet Project (I2P), which is a message-oriented, peer-to-peer-based (P2P) and low latency anonymous communication network. Each user runs the I2P router, which is the core part of the I2P software. All messages are relayed through tunnels: a tunnel is a unidirectional encrypted virtual connection between 2 or 3 peers (typically). Tunnels can only be used in one direction, so separate tunnels for outgoing and incoming traffic need to be built, namely outbound and inbound tunnels. Messages sent through the I2P network are end-to-end encrypted using garlic encryption: a variation of the Onion Routing design based on garlic messages, which can contain multiple data messages with additional routing instructions, called cloves. The encryption used in I2P is a combination of symmetric and asymmetric encryption algorithms which provide data confidentiality and integrity to garlic messages, called ElGamal/AES+SessionTags. A single garlic message may contain multiple data messages for different recipients.
  • 16. I2P vs TOR
    TOR                                     I2P
    Bidirectional Circuit                   Unidirectional Tunnel
    Proxy Server (SOCKS)                    Middleware (I2P API)
    Entry Guards                            Entry Guards not needed
    End-to-End Encryption not guaranteed    Tunnel Encryption (End-to-End)
    AES                                     ElGamal/AES+SessionTags
    Low computational power nodes           Nodes with sufficient capacities
    Possible Congestion                     No Congestion
    Semi-Distributed                        Fully Distributed
    Best Performances                       Worst Performances
    More Visibility and Greater Community   Less known
    C-based                                 Java-based
  • 18. Internet as Set of Subsets
    [Figure: the Internet drawn as nested sets]
    • Surface Web (Accessible & Indexed)
    • Deep Web (Accessible & Not-Indexed)
    • Dark Web (Restricted & Not-Indexed)
    Tor hidden services operate here!
  • 19. TOR Hidden Services
    Hidden Services (identified by the top level domain .onion) are a particular type of websites/servers located inside the Tor Network, which receive inbound connections only through Tor: they allow a Tor user to offer a TCP service without revealing his network identity (IP address, thus location), providing encryption at every hop from a client to the hidden service. They provide server anonymity in addition to Tor's default client anonymity. Hidden Services can be reached by using particular building blocks, called Rendezvous Points (RPs).
  • 20. Hidden Service: Setup 1
    [Figure: Tor Client (Onion Proxy), Tor Onion Server, DB, relays IP1, IP2, IP3]
    HS randomly chooses some relays as Introduction Points (IPs) that will be used to receive inbound connections from clients, building Tor circuits to them.
  • 21. Hidden Service: Setup 2
    [Figure: Tor Onion Server publishes "IP1-IP3, Public" to the DB]
    HS creates an HS Descriptor containing its Public Key and a summary of the chosen Introduction Points, signs the descriptor with HS's PK and sends it to the distributed Hash Table. An onion address abc.onion (where abc is a name of 16 characters) is derived from the HS's public key.
  • 22. Hidden Service: Setup 3
    [Figure: Tor Client fetches "IP1-IP3, Public" from the DB and builds a circuit to RP with "auth"]
    A Client can query the distributed Hash Table using the onion address of the hidden service abc.onion, obtaining the HS descriptor. The client creates a circuit to another randomly chosen Tor relay which will act as Rendezvous Point, telling it a One-Time Secret (auth cookie).
  • 23. Hidden Service: Setup 4
    [Figure: Tor Client sends "RP, auth" to an Introduction Point]
    The Client establishes a circuit to one of the IPs and sends it an Introduce Message signed with HS's public key, containing the RP address and the One-Time Secret (auth cookie), asking to forward it to the HS.
  • 24. Hidden Service: Setup 5
    [Figure: Tor Onion Server builds a circuit to RP carrying "auth"]
    HS receives the introduce message and decrypts it, finding the RP address and the one-time secret; then HS builds a circuit to the RP, providing the auth cookie in the Rendezvous Message.
  • 25. Hidden Service: Setup 6
    [Figure: Tor Client and Tor Onion Server both connected to RP]
    RP receives and verifies the one-time secret, checking that it is the same as the one previously received from the client. Then it notifies the outcome of the connection establishment. Client and HS can use their circuits to RP to communicate with each other, and RP simply forwards encrypted messages between them.
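The six setup steps above as a runnable model, added here as an example and not taken from the slides or from Tor's source: the DHT, the rendezvous point, the circuits, the 128-byte stand-in key and the intro-point names are assumptions, and the descriptor is left unsigned because the standard library has no asymmetric signatures, so the client instead checks that the onion address matches the published key.

```python
import base64
import hashlib
import hmac
import secrets

# Constructed model of the rendezvous exchange in Setup 1-6. It is not Tor's
# code: the distributed hash table and circuits are plain Python objects and
# the HS key is random bytes. The onion address follows the v2 scheme the
# slides describe: base32 of the first 10 bytes of SHA-1(pubkey), 16 chars.

def onion_address(pubkey: bytes) -> str:
    digest = hashlib.sha1(pubkey).digest()[:10]
    return base64.b32encode(digest).decode().lower() + ".onion"

class RendezvousPoint:
    """A relay that joins two circuits only when their one-time cookies match."""
    def __init__(self):
        self.pending = {}   # cookie -> client circuit (Setup 3)
        self.joined = {}    # client circuit -> HS circuit (Setup 6)
    def establish(self, client_circ: str, cookie: bytes) -> None:
        self.pending[cookie] = client_circ
    def rendezvous1(self, hs_circ: str, cookie: bytes) -> bool:
        for known, client_circ in list(self.pending.items()):
            if hmac.compare_digest(known, cookie):   # constant-time comparison
                self.joined[client_circ] = hs_circ
                del self.pending[known]
                return True
        return False   # unknown cookie: the RP refuses to join the circuits

def run_protocol(hs_presents_wrong_cookie: bool = False) -> bool:
    dht = {}
    hs_pubkey = secrets.token_bytes(128)                 # constructed stand-in key
    desc = {"pubkey": hs_pubkey, "intro_points": [b"IP1", b"IP2", b"IP3"]}  # Setup 1
    addr = onion_address(hs_pubkey)
    dht[addr] = desc                                     # Setup 2: publish to the DHT
    fetched = dht[addr]                                  # Setup 3: client lookup
    if onion_address(fetched["pubkey"]) != addr:         # address must match the key
        return False
    rp = RendezvousPoint()
    cookie = secrets.token_bytes(20)                     # one-time secret (auth cookie)
    rp.establish("client->RP", cookie)
    introduce = {"rp": rp, "cookie": cookie}             # Setup 4: sent via an IP
    presented = secrets.token_bytes(20) if hs_presents_wrong_cookie else introduce["cookie"]
    return introduce["rp"].rendezvous1("HS->RP", presented)   # Setup 5 -> Setup 6
```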
  • 27. Hidden Service in practice…
    The steps to set up a hidden service on a Debian-based VM with SSH and the nginx web server already installed are:
    • Install Tor through the official repositories (official tutorial);
    • Configure Tor by editing the configuration file /etc/tor/torrc: the values to modify are HiddenServiceDir and HiddenServicePort, which are the path and the port on which the HS will be set up.
    • Reload the Tor configuration with service tor reload: some new files are created in the Tor directory; the one called hostname in the directory /var/lib/tor/hidden_service/ contains the .onion address.
    • Configure nginx not to reveal sensitive information: edit the configuration file nginx.conf (in the directory /etc/nginx/), hiding the version and disabling the logs, by setting server_tokens to off, the error_log to /dev/null with level crit, and by commenting out the access_log and error_log rows.
    • Create the web page: an index.html web page should be created in the nginx default directory /var/www/html/ to display the SHA512 hash value of my email address (obtained with the hashlib Python library).
    • Configure nginx to offer the web page on Tor: edit the web page's configuration file in the nginx default directory /etc/nginx/sites-available/default with the values specified in the previous steps (localhost, port number 8080).
    • Restart the web server with service nginx restart.
    If all the steps are correctly executed… the hidden service is online in the Tor Network!
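The configuration the steps above call for, rendered by an added Python helper that is not part of the slides or of Tor/nginx: the hidden service directory, port 8080 and the e-mail address are assumptions, while HiddenServiceDir, HiddenServicePort, server_tokens, access_log and error_log are the real directive names the steps refer to.

```python
import hashlib
import pathlib

# Added helper for the setup procedure; not from the slides, Tor or nginx.
# It renders the torrc lines, the nginx site and the index.html the steps
# call for and checks the nginx hardening. Paths, port and e-mail are assumed.

HS_DIR = "/var/lib/tor/hidden_service/"
LOCAL_PORT = 8080

def torrc_fragment(hs_dir: str = HS_DIR, local_port: int = LOCAL_PORT) -> str:
    # Virtual port 80 of the .onion is mapped to nginx on loopback, so the
    # service is reachable through Tor but not on the VM's public interface.
    return (f"HiddenServiceDir {hs_dir}\n"
            f"HiddenServicePort 80 127.0.0.1:{local_port}\n")

def nginx_site(local_port: int = LOCAL_PORT) -> str:
    # "access_log off;" rather than a commented-out line: a commented line
    # would inherit the default access log from the http block.
    return ("server {\n"
            f"    listen 127.0.0.1:{local_port};\n"
            "    server_tokens off;\n"
            "    access_log off;\n"
            "    error_log /dev/null crit;\n"
            "    root /var/www/html;\n"
            "    index index.html;\n"
            "}\n")

def index_page(email: str) -> str:
    # The page shows only the SHA512 of the address, never the address itself.
    digest = hashlib.sha512(email.encode()).hexdigest()
    return f"<html><body><p>{digest}</p></body></html>\n"

def check_site(conf: str) -> list:
    """Return the hardening problems found in an nginx server block."""
    problems = []
    if "server_tokens off;" not in conf:
        problems.append("version banner on")
    if "listen 127.0.0.1:" not in conf:
        problems.append("listens on all interfaces")
    if "access_log off;" not in conf:
        problems.append("access log enabled")
    return problems

def write_all(dest: pathlib.Path, email: str) -> None:
    dest.mkdir(parents=True, exist_ok=True)
    (dest / "torrc.hs").write_text(torrc_fragment())      # append to /etc/tor/torrc
    (dest / "default").write_text(nginx_site())           # /etc/nginx/sites-available/default
    (dest / "index.html").write_text(index_page(email))   # /var/www/html/index.html
```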
  • 28. References
    • F. D'Amore - Lecture of Web Security and Privacy (2017) - A simple introduction to Tor
    • R. Dingledine, N. Mathewson, P. Syverson - Tor: The Second-Generation Onion Router
    • A. Davidsson - Tor: The Onion Routing network
    • D. McCoy, K. Bauer, D. Grunwald, T. Kohno, D. Sicker - Shining Light in Dark Places: Understanding the Tor Network
    • M.G. Reed, P.F. Syverson, D.M. Goldschlag - Anonymous Connections and Onion Routing
    • Y. Sun, A. Edmundson, L. Vanbever, O. Li - RAPTOR: Routing Attacks on Privacy in Tor
    • T. Abbott, K. Lai, M. Lieberman, E. Price - Browser-Based Attacks on Tor
    • R. Jansen, F. Tschorsch, A. Johnson, B. Scheuermann - The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network
    • P. Winter, R. Kower, M. Mulazzani, M. Huber, S. Schrittwieser, S. Lindskog, E. Weippl - Spoiled Onions: Exposing Malicious Tor Exit Relays
    • A. Kwon, M. AlSabah, D. Lazar, M. Dacier, S. Devadas - Circuit Fingerprinting Attacks: Passive Deanonymization of Tor Hidden Services
    • T. Wang, X. Cai, R. Nithyanand, R. Johnson, I. Goldberg - Effective Attacks and Provable Defenses for Website Fingerprinting
    • The Invisible Internet Project: web page
    • Infosec Institute: Introduction to Anonymizing Networks - Tor vs I2P
    • B. Conrad, F. Shirazi - A Survey on Tor and I2P
    • M. Ehlert - I2P vs. Tor usability: a bandwidth and latency comparison
    • Tor: Hidden Service Protocol webpage
    • Installing Tor on Debian/Ubuntu tutorial
  • 29. Contacts
    Biagio Botticelli - 1212666 - botticelli.1212666@studenti.uniroma1.it - biagiobotticelli@yahoo.it