In August 2013, the Tor network experienced a sudden, drastic reduction in performance due to the Mevade/Sefnit botnet. This botnet ran its command and control server as a Tor hidden service, so that all infected nodes contacted the command and control through Tor. In this paper, we consider several protocol changes to protect Tor against future incidents of this nature, describing the research challenges that must be solved in order to evaluate and deploy each of these methods. In particular, we consider four technical approaches: resource-based throttling, guard node throttling, reuse of failed partial circuits, and hidden service circuit isolation.
|Original language||English (US)|
|Title of host publication||Financial Cryptography and Data Security - 18th International Conference, FC 2014, Revised Selected Papers|
|Editors||Reihaneh Safavi-Naini, Nicolas Christin|
|Number of pages||10|
|State||Published - 2014|
|Event||18th International Conference on Financial Cryptography and Data Security, FC 2014 - Christ Church, Barbados|
Duration: Mar 3 2014 → Mar 7 2014
|Name||Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)|
|Other||18th International Conference on Financial Cryptography and Data Security, FC 2014|
|Period||3/3/14 → 3/7/14|
Bibliographical noteFunding Information:
Thanks to Mike Perry, Ian Goldberg, Yoshi Kohno, and Roger Dingledine for helpful comments about the problems discussed in this paper. This work was supported by the U.S. National Science Foundation under grants 1111734 and 1314637 and DARPA.
© International Financial Cryptography Association 2014.