Challenges in protecting tor hidden services from botnet abuse

Nicholas Hopper

doi:10.1007/978-3-662-45472-5_21

Challenges in protecting tor hidden services from botnet abuse

Nicholas Hopper

Computer Science and Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

8 Scopus citations

Abstract

In August 2013, the Tor network experienced a sudden, drastic reduction in performance due to the Mevade/Sefnit botnet. This botnet ran its command and control server as a Tor hidden service, so that all infected nodes contacted the command and control through Tor. In this paper, we consider several protocol changes to protect Tor against future incidents of this nature, describing the research challenges that must be solved in order to evaluate and deploy each of these methods. In particular, we consider four technical approaches: resource-based throttling, guard node throttling, reuse of failed partial circuits, and hidden service circuit isolation.

Original language	English (US)
Title of host publication	Financial Cryptography and Data Security - 18th International Conference, FC 2014, Revised Selected Papers
Editors	Reihaneh Safavi-Naini, Nicolas Christin
Publisher	Springer- Verlag
Pages	316-325
Number of pages	10
ISBN (Electronic)	9783662454718
DOIs	https://doi.org/10.1007/978-3-662-45472-5_21
State	Published - Jan 1 2014
Event	18th International Conference on Financial Cryptography and Data Security, FC 2014 - Christ Church, Barbados Duration: Mar 3 2014 → Mar 7 2014

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	8437
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Other

Other	18th International Conference on Financial Cryptography and Data Security, FC 2014
Country	Barbados
City	Christ Church
Period	3/3/14 → 3/7/14

Access

10.1007/978-3-662-45472-5_21

Fingerprint Dive into the research topics of 'Challenges in protecting tor hidden services from botnet abuse'. Together they form a unique fingerprint.

Cite this

Hopper, N. (2014). Challenges in protecting tor hidden services from botnet abuse. In R. Safavi-Naini, & N. Christin (Eds.), Financial Cryptography and Data Security - 18th International Conference, FC 2014, Revised Selected Papers (pp. 316-325). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 8437). Springer- Verlag. https://doi.org/10.1007/978-3-662-45472-5_21

Challenges in protecting tor hidden services from botnet abuse. / Hopper, Nicholas.

Financial Cryptography and Data Security - 18th International Conference, FC 2014, Revised Selected Papers. ed. / Reihaneh Safavi-Naini; Nicolas Christin. Springer- Verlag, 2014. p. 316-325 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 8437).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Hopper, N 2014, Challenges in protecting tor hidden services from botnet abuse. in R Safavi-Naini & N Christin (eds), Financial Cryptography and Data Security - 18th International Conference, FC 2014, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 8437, Springer- Verlag, pp. 316-325, 18th International Conference on Financial Cryptography and Data Security, FC 2014, Christ Church, Barbados, 3/3/14. https://doi.org/10.1007/978-3-662-45472-5_21

Hopper N. Challenges in protecting tor hidden services from botnet abuse. In Safavi-Naini R, Christin N, editors, Financial Cryptography and Data Security - 18th International Conference, FC 2014, Revised Selected Papers. Springer- Verlag. 2014. p. 316-325. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-662-45472-5_21

Hopper, Nicholas. / Challenges in protecting tor hidden services from botnet abuse. Financial Cryptography and Data Security - 18th International Conference, FC 2014, Revised Selected Papers. editor / Reihaneh Safavi-Naini ; Nicolas Christin. Springer- Verlag, 2014. pp. 316-325 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{b40a5072982e4c4e8ae1abc4d2800741,

title = "Challenges in protecting tor hidden services from botnet abuse",

abstract = "In August 2013, the Tor network experienced a sudden, drastic reduction in performance due to the Mevade/Sefnit botnet. This botnet ran its command and control server as a Tor hidden service, so that all infected nodes contacted the command and control through Tor. In this paper, we consider several protocol changes to protect Tor against future incidents of this nature, describing the research challenges that must be solved in order to evaluate and deploy each of these methods. In particular, we consider four technical approaches: resource-based throttling, guard node throttling, reuse of failed partial circuits, and hidden service circuit isolation.",

author = "Nicholas Hopper",

year = "2014",

month = jan,

day = "1",

doi = "10.1007/978-3-662-45472-5_21",

language = "English (US)",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer- Verlag",

pages = "316--325",

editor = "Reihaneh Safavi-Naini and Nicolas Christin",

booktitle = "Financial Cryptography and Data Security - 18th International Conference, FC 2014, Revised Selected Papers",

note = "18th International Conference on Financial Cryptography and Data Security, FC 2014 ; Conference date: 03-03-2014 Through 07-03-2014",

}

TY - GEN

T1 - Challenges in protecting tor hidden services from botnet abuse

AU - Hopper, Nicholas

PY - 2014/1/1

Y1 - 2014/1/1

N2 - In August 2013, the Tor network experienced a sudden, drastic reduction in performance due to the Mevade/Sefnit botnet. This botnet ran its command and control server as a Tor hidden service, so that all infected nodes contacted the command and control through Tor. In this paper, we consider several protocol changes to protect Tor against future incidents of this nature, describing the research challenges that must be solved in order to evaluate and deploy each of these methods. In particular, we consider four technical approaches: resource-based throttling, guard node throttling, reuse of failed partial circuits, and hidden service circuit isolation.

AB - In August 2013, the Tor network experienced a sudden, drastic reduction in performance due to the Mevade/Sefnit botnet. This botnet ran its command and control server as a Tor hidden service, so that all infected nodes contacted the command and control through Tor. In this paper, we consider several protocol changes to protect Tor against future incidents of this nature, describing the research challenges that must be solved in order to evaluate and deploy each of these methods. In particular, we consider four technical approaches: resource-based throttling, guard node throttling, reuse of failed partial circuits, and hidden service circuit isolation.

UR - http://www.scopus.com/inward/record.url?scp=84916623770&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84916623770&partnerID=8YFLogxK

U2 - 10.1007/978-3-662-45472-5_21

DO - 10.1007/978-3-662-45472-5_21

M3 - Conference contribution

AN - SCOPUS:84916623770

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 316

EP - 325

BT - Financial Cryptography and Data Security - 18th International Conference, FC 2014, Revised Selected Papers

A2 - Safavi-Naini, Reihaneh

A2 - Christin, Nicolas

PB - Springer- Verlag

T2 - 18th International Conference on Financial Cryptography and Data Security, FC 2014

Y2 - 3 March 2014 through 7 March 2014

ER -