LASTor: A Low-Latency AS-Aware Tor Client
Masoud Akhoondi, Curtis Yu, Harsha V. Madhyastha

Tor (The onion router)
[Figure: Tor path with nodes S, R1, R2, R3, D]
• 400,000 users
• 2700 relays
• Anonymity
  – Each hop only knows previous and next hop on a path
• Low latency communication
  – 90% of Tor traffic is interactive [Mccoy08]

How are latencies on Tor?
• Experiment:
  – Sources:
    • 50 PlanetLab nodes spread across globe
  – Destinations:
    • Top 200 websites
5x inflation in median

Profiling attack on Tor
[Figure: path from S to D through Entry relay, Relay 2 and Exit relay, with the entry segment and exit segment marked]
Green AS (Autonomous System) can eavesdrop on both end segments of path [Murdoch07]

How severe is profiling attack?
65% of relays are in 20% of all ASes
Non-uniform distribution of relays across ASes

Potential solution for these problems
• Measure latencies and routes from each relay to all end-hosts [Sherr09, Alsabah11, Mittall11]
  – Requires modification of relays
• None of these proposals deployed yet
  – Non-trivial to implement

Main insight: Client modifications suffice
Improve poor latency for interactive communications
Mitigate profiling attack
LASTor: A low-latency AS-aware Tor client

Main insight: Client modifications suffice
• Improve poor latency for interactive communications
  – Solution: Modified path selection to reduce latency
• Mitigate profiling attack
  – Solution: AS-aware path selection

Sources of latency on Tor
• Queuing and processing delay
  – Congestion in relays [Panchenko09]
• Propagation delay
  – Long paths
Goal: Improve latency

Shortest path vs. Default Tor
• Destinations:
  – Top 200 websites
• Sources:
  – 50 PlanetLab nodes spread across globe
• Map relays to geographical locations
Shorter paths can greatly reduce latency
50% improvement in median
Path should not be deterministic: Weighted Shortest Path (WSP)

Weighted Shortest Path (WSP)
• WSP computes length of all possible paths
• Probability of choosing a path is inversely proportional to its length
[Figure: example graph with two paths, upper and lower, and their edge lengths]

| Path | Length | Prob. |
|---|---|---|
| Upper | 8 | 0.56 |
| Lower | 10 | 0.44 |

An Attack on WSP
Attacker controls a relay
[Figure: example graph with edge lengths]

| | Original prob. | Prob. |
|---|---|---|
| Compromised paths | 0.56 | 0.8 |
| Other paths | 0.44 | 0.2 |

Solution: Clustering of relays
[Figure: example graph with edge lengths]
• Run WSP using clusters of relays
• For chosen cluster-level path, randomly pick a relay in each cluster

Solution: Clustering of relays
[Figure: example graph with edge lengths]

| | Prob. |
|---|---|
| Compromised paths | 0.56 |
| Other paths | 0.44 |

Weighted Shortest Path (WSP)
• Preprocessing
  – Cluster all relays
• Path selection
  – Computes length of possible paths using clusters
  – Choose a path with a probability inversely proportional to its length
  – Pick a relay randomly in each chosen cluster
• Other issues (see paper)
  – Handling multi-location destinations
  – Choosing entry relays
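
The WSP selection, the replication attack and the clustering fix from the preceding slides, as an added Python example (not code from the talk or from LASTor). The two-path topology, the relay names and the rule that relays at one location form one cluster are constructed assumptions, chosen to reproduce the slides' 0.56 / 0.8 / 0.56 figures.

```python
import random
from itertools import product

# Constructed topology mirroring the slides' two-path example (not real Tor data):
# each cluster-level path is a tuple of relay locations plus its total length.
CLUSTER_PATHS = [(("A", "B", "C"), 8), (("E", "F", "G"), 10)]

def members(relays, loc):
    """Relays whose location is loc; one location = one cluster (assumption)."""
    return [r for r, where in relays.items() if where == loc]

def plain_wsp(relays):
    """Relay-level WSP: every relay combination is its own path, P ~ 1/length."""
    weights = {}
    for locs, length in CLUSTER_PATHS:
        for path in product(*(members(relays, loc) for loc in locs)):
            weights[path] = 1.0 / length
    total = sum(weights.values())
    return {path: w / total for path, w in weights.items()}

def clustered_wsp(relays, rng=random):
    """Cluster-level WSP: pick a cluster path with P ~ 1/length, then one
    relay uniformly at random inside each cluster on that path."""
    locs, _ = rng.choices(CLUSTER_PATHS, [1.0 / n for _, n in CLUSTER_PATHS])[0]
    return tuple(rng.choice(members(relays, loc)) for loc in locs)

def compromised_plain(relays, bad):
    """Probability that plain WSP picks a path through a relay in `bad`."""
    return sum(p for path, p in plain_wsp(relays).items() if bad & set(path))

def compromised_clustered(relays, bad):
    """Exact probability that clustered_wsp() returns a path through `bad`."""
    total = sum(1.0 / n for _, n in CLUSTER_PATHS)
    prob = 0.0
    for locs, length in CLUSTER_PATHS:
        clean = 1.0  # chance that every relay picked on this path is honest
        for loc in locs:
            here = members(relays, loc)
            clean *= sum(r not in bad for r in here) / len(here)
        prob += (1.0 / length) / total * (1.0 - clean)
    return prob

BASE = {"a1": "A", "b1": "B", "c1": "C", "e1": "E", "f1": "F", "g1": "G"}
ATTACKED = dict(BASE, b2="B", b3="B")  # attacker replicates its relay b1
BAD = {"b1", "b2", "b3"}

if __name__ == "__main__":
    print(round(compromised_plain(BASE, BAD), 2))          # one relay, plain WSP
    print(round(compromised_plain(ATTACKED, BAD), 2))      # replicas, plain WSP
    print(round(compromised_clustered(ATTACKED, BAD), 2))  # replicas, clustered
```

Replicas multiply the number of relay-level paths but not the number of clusters, so the share of compromised paths returns to its pre-attack value once selection runs over clusters.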

WSP reduces latency
50 PlanetLab nodes to top 200 websites
20% improvement in 80th percentile
25% improvement in median

Tunable path selection in LASTor
• Modify WSP to consider user’s preference towards:
  – Anonymity
  – Latency
• Single parameter α configured by user:
  – Modified weight w to w^(1-α) where 0 ≤ α ≤ 1
α = 0: Lowest latency; α = 1: Highest anonymity

Tunable path selection in LASTor
Gini coefficient: measure of inequality in a distribution
  0: perfect equality
  1: maximal inequality
Lower α, lower latency
Higher α, higher anonymity
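
An added sketch (not from the talk or LASTor's code) of how α reshapes path selection, reading the slide's modified weight as w raised to the power 1-α with w = 1/length. The path lengths are constructed, and computing the Gini coefficient over path selection probabilities is an assumption about which distribution the slide's plot measures.

```python
def selection_probs(lengths, alpha):
    """Path probabilities when the WSP weight w = 1/length becomes w**(1 - alpha)."""
    if not 0.0 <= alpha <= 1.0:
        raise ValueError("alpha must lie in [0, 1]")
    weights = [(1.0 / n) ** (1.0 - alpha) for n in lengths]
    total = sum(weights)
    return [w / total for w in weights]

def gini(values):
    """Gini coefficient of non-negative values (0 = all shares equal)."""
    xs = sorted(values)
    n, total = len(xs), sum(xs)
    if n == 0 or total == 0:
        return 0.0
    ranked = sum((i + 1) * x for i, x in enumerate(xs))
    return 2.0 * ranked / (n * total) - (n + 1.0) / n

def expected_length(lengths, alpha):
    """Mean length of the selected path, a stand-in for latency here."""
    probs = selection_probs(lengths, alpha)
    return sum(p * n for p, n in zip(probs, lengths))

# Constructed candidate path lengths (arbitrary units), not measurements.
LENGTHS = [8, 10, 16, 40, 80]

def sweep(lengths, alphas=(0.0, 0.25, 0.5, 0.75, 1.0)):
    """Rows of (alpha, Gini of path probabilities, expected path length)."""
    return [(a, gini(selection_probs(lengths, a)), expected_length(lengths, a))
            for a in alphas]

if __name__ == "__main__":
    for alpha, g, length in sweep(LENGTHS):
        print(f"alpha={alpha:.2f}  gini={g:.3f}  expected length={length:.1f}")
```

At α = 0 this is plain WSP; at α = 1 every path is equally likely, so the Gini coefficient reaches 0 and the expected length rises to the plain average.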

Main insight: Client modifications suffice
• Improve poor latency for interactive communications
  – Solution: Modified path selection to reduce latency
• Mitigate profiling attack
  – Solution: AS-aware path selection

Profiling attack on a path
[Figure: path from S to D through Entry relay, Relay 2 and Exit relay, with the entry segment and exit segment marked]
Green AS (Autonomous System) can eavesdrop on both end segments of path [Murdoch07]
Goal: Detect common ASes on entry and exit segments
Goal: AS-aware

Simple heuristic does not work
• Default Tor ensures no two Tor relays in same /16
• False negative: fraction of paths with common AS not detected
57% of common AS instances are missed

Need for predicting AS paths
• Approach 1: Measure routes from relays to all end hosts
  – Need to modify relays
• Approach 2: Infer AS-level routes
  – Several techniques exist [Mao05, Madhyastha06, Madhyastha09, Lee11]
  – At best 70% accuracy
[Figure: Exit relay and D]

Our solution: AS set prediction
Predict ASes on all paths compliant with routing policies
[Figure: Exit relay and D]

Our solution: AS set prediction
• Input [13MB initially, 1.5MB weekly]
  – Topology graph at AS-level
  – Estimate of AS path length
  – Compact representation of routing policies:
    • Triple of (AS1, AS2, AS3) where AS1AS2AS3
• Algorithm
  – Modified version of Dijkstra’s algorithm
• Output
  – Set of ASes on policy-compliant routes

AS set based prediction is accurate
• False negative: fraction of paths with common AS not detected
11% of common AS instances are missed
57% of common AS instances are missed
Any path selection algorithm can use AS set prediction to avoid profiling attack

LASTor Latency
50 PlanetLab nodes to top 200 websites

Summary
• Demonstrated client side changes are sufficient for:
  – Lower latency
  – Higher anonymity
• Designed and implemented LASTor
  – Reduces median latency by 25%
  – Reduces median false negative of common AS from 57% to 11%

Thank you

How does Tor work? (Onion Routing)
[Figure: Client and Server with relays R1 to R5; the path uses an Entry Relay (guard), a Middle Relay and an Exit Relay]
• 300,000 users
• 2700 relays

Is distance a good estimation of latency?
• Choose two different paths:
  – WSP(latency)
  – WSP(distance)
• Measure latency on these two paths
• 50 PlanetLab nodes as source and top 200 websites as destination
There is no significant difference between these two metrics

Accuracy of AS-set prediction algorithm

Attack on WSP
• Adversary replicates 10% most popular relays 25 times
• Compute probability of the chosen path traversing a malicious relay
Clustering of relays reduces:
  – Probability of the attack
  – Running time of WSP
50% reduction