Add to collection(s) Add to saved
  1. No category

LASTor: A Low-Latency AS

advertisement 
LASTor: A Low-Latency AS-Aware
Tor Client
Masoud Akhoondi, Curtis Yu, Harsha V. Madhyastha
Tor (The onion router)
D
R3
R2
S
R1
• Anonymity
- Each hop only knows previous and next hop on a path
• 400,000 users
• Low latency communication
• is2700
relays[Mccoy08]
- 90% of Tor traffic
interactive
How are latencies on Tor?
– Sources:
• 50 PlanetLab nodes
spread across globe
– Destinations:
• Top 200 websites
CDF of (src, dst) pairs
• Experiment:
1
0.8
0.6
0.4
5x inflation
in median
0.2
No Tor
Default Tor
0
0
0.5
1
1.5
Latency (sec)
2
3
Profiling attack on Tor
Green AS (Autonomous System) can eavesdrop on both end segments of
path[Murdoch07]
S
Entry
segment
Entry
relay
Relay 2
Exit
segment
Exit
relay
D
1
.8
.6
.4
.2
0
0
0.2
How severe is profiling attack?
0.4
0.8
Tor relays
0.6
CDF of ASes
65% of relays are
in 20% of all ASes
1
Non-uniform distribution of relays across ASes
5
Potential solution for these problems
• Measure latencies and routes from each relay
to all end-hosts [Sherr09, Alsabah11, Mittall11]
– Requires modification of relays
• None of these proposals deployed yet
– Non-trivial to implement
Main insight: Client modifications suffice
Improve poor latency for
interactive communications
Mitigate profiling
attack
LASTor: A low-latency AS-aware Tor client
Main insight: Client modifications suffice
Improve poor latency for
interactive communications
Solution:
Modified path
selection to reduce
latency
Mitigate profiling
attack
Solution:
AS-aware path selection
Goal: Improve latency
Sources of latency on Tor
• Queuing and processing delay
– Congestion in relays [Panchenko09]
• Propagation delay
– Long paths
D
S
Goal: Improve latency
Shortest path vs. Default Tor
• Destinations:
• Sources:
– 50 PlanetLab nodes
spread across globe
• Map relays to
geographical locations
CDF of (src, dst) pairs
– Top 200 websites
1
0.8
50% improvement
in median
0.6
0.4
0.2
No Tor
SP Tor
Default Tor
0
0
Shorter paths can greatly reduce latency
0.5
1
1.5
Latency (sec)
2
Path should not be deterministic  Weighted Shortest Path (WSP)
10
Goal: Improve latency
Weighted Shortest Path (WSP)
• WSP computes length of all possible paths
• Probability of choosing is inversely proportional
to its length
3
1
3
1
1
2
4
Path
Length Prob.
Uppe
r
8
Lower 10
0.56
0.44
3
11
Goal: Improve latency
An Attack on WSP
Attacker controls a relay
1
3
3
1
1
2
4
3
Original prob.
Prob.
Compromised paths
0.56
0.8
Other paths
0.44
0.2
Goal: Improve latency
Solution: Clustering of relays
1
3
3
1
1
2
4
3
• Run WSP using clusters of relays
• For chosen cluster-level path, randomly pick a relay in each cluster
Goal: Improve latency
Solution: Clustering of relays
1
3
3
1
1
2
4
3
Prob.
Compromised paths
0.56
Other paths
0.44
Goal: Improve latency
Weighted Shortest Path (WSP)
• Preprocessing
– Cluster all relays
• Path selection
– Computes length of possible paths using clusters
– Choose a path with a probability inversely
proportional to its length
– Pick a relay randomly in each chosen cluster
• Other issues (see paper)
– Handling multi-location destinations
– Choosing entry relays
Goal: Improve latency
WSP reduces latency
CDF of (src, dst) pairs
1
0.8
0.6
0.4
0.2
0
0
WSP
Default Tor
0.5
1
Latency (sec)
20% improvement
in 80th percentile
25% improvement
in median
1.5
2
50 PlanetLab nodes to top 200 websites
16
Goal: Improve latency
Tunable path selection in LASTor
• Modify WSP to consider user’s preference towards:
– Anonymity
– Latency
• Single parameter α configured by user:
– Modified weight w to w(1-α) where 0 ≤α≤ 1
0
Lowest latency
α
1
Highest anonymity
17
Goal: Improve latency
Tunable path selection in LASTor
Lower α, lower latency
Higher α, higher anonymity
Gini Coefficient
 measure of inequality in a distribution
 0: perfect equality
 1: maximal inequality
18
Main insight: Client modifications suffice
Improve poor latency for
interactive communications
Solution:
Modified path
selection to reduce
latency
Mitigate profiling
attack
Solution:
AS-aware path selection
Goal: AS-aware
Profiling attack on a path
Green
AS (Autonomous
System)
can on
eavesdrop
on both
segments of
Goal:
Detect common
ASes
entry and
exitend
segments
path[Murdoch07]
S
Entry
segment
Entry
relay
Relay 2
Exit
segment
Exit
relay
D
Goal: AS-aware
CDF of (src, dst) pairs
Simple heuristic does not work
1
0.9
0.8
0.7
0.6
0.5
0.4
0.3
0.2
0.1
0
57% of common AS
instances are missed
Same /16
0
20 40 60 80 100
False negative rate (%)
• Default Tor ensures no two Tor relays in same /16
• False negative: fraction of paths with common AS not detected
Goal: AS-aware
Need for predicting AS paths
• Approach 1: Measure routes from relays to all end hosts
– Need to modify relays
• Approach 2: Infer AS-level routes
– Several techniques exist [Mao05, Madhyastha06,
Madhyastha09, Lee11]
– At best 70% accuracy
Exit relay
D
Goal: AS-aware
Our solution: AS set prediction
Exit relay
D
Predict ASes on all paths compliant with routing policies
Goal: AS-aware
Our solution: AS set prediction
Exit relay
D
Predict ASes on all paths compliant with routing policies
Goal: AS-aware
Our solution: AS set prediction
• Input [13MB initially, 1.5MB weekly]
– Topology graph at AS-level
– Estimate of AS path length
– Compact representation routing policies:
• Triple of (AS1, AS2, AS3) where AS1AS2AS3
• Algorithm
– Modified version of Dijkstra’s algorithm
• Output
– Set of ASes on policy-compliant routes
Goal: AS-aware
CDF of (src, dst) pairs
AS set based prediction is accurate
1
0.9
0.8
0.7
0.6
0.5
0.4
0.3
0.2
0.1
0
11% of common AS
instances are missed
57% of common AS
instances are missed
AS sets
Same /16
20 40 60 80 100
0
False negative rate (%)
• False
fraction of paths
with common
AS not
Anynegative:
path selection
algorithm
can use
ASdetected
set
predcition to avoid profiling attack
26
LASTor Latency
CDF of (src, dst) pairs
1
WSP
0.8 WSP+AS sets
Default Tor
0.6
0.4
0.2
0
0
1.5
1
0.5
Latency (sec)
2
50 PlanetLab nodes to top 200 websites
27
Summary
• Demonstrated client side changes are sufficient for:
– Lower latency
– Higher anonymity
• Designed and implemented LASTor
– Reduces median latency by 25%
– Reduces median false negative of common AS from 57% to 11%
28
Thank you
29
How does Tor work? (Onion Routing)
Entry Relay (guard)
Exit Relay
Client
Server
R1
R3
R5
R4
R2
Middle Relay
- 300,000 users
- 2700 relays 30
1
0.8
0.6
0.4
0.2
0
0
0.2
Is distance a good estimation of latency?
0.6
0.8
Weighted SP
Weighted Latency
0.4
Latency (sec)
1
• Choose two different
paths:
– WSP(latency)
– WSP(distance)
• Measure latency on these
two paths
• 50 planetlab nodes as source
and top 200 websites as
destination
There is no significant
difference between these two
metrics
31
Goal: AS-aware
CDF of (src, dst) pairs
Accuracy of AS-set prediction algorithm
1
0.9
0.8
0.7
0.6
0.5
0.4
0.3
0.2
0.1
0
AS sets
E&S
iPlane
Same AS
0
20 40 60 80 100
False negative rate (%)
32
Attack on WSP
Goal: Improve latency
CDF of (src, dst) pairs
1
0.8
0.6
0.4
0.2
0
With clusters,25x
No clusters,25x
0 10 20 30 40 50 60 70 80
50% reduction
Clustering of relays reduces:
- Probability of the attack
- Running time of WSP
• Adversary replicates 10% most popular relays 25 times
• Compute probability of the chosen path traversing a malicious relay
33
Related documents
ppt - Aaron Michael Johnson
ppt - Aaron Michael Johnson
Daily Announcements
Daily Announcements
PIR-Tor: Scalable Anonymous Communication Using
PIR-Tor: Scalable Anonymous Communication Using
PPT
PPT
Flattened Butterfly Topology for On
Flattened Butterfly Topology for On
Multiplayer Online Games PPT
Multiplayer Online Games PPT
Imperial-efx_Credit_Suisse_23Jan13_new
Imperial-efx_Credit_Suisse_23Jan13_new
Chapter 4 - Dyessick
Chapter 4 - Dyessick
Download
advertisement