LASTor : A Low-Latency AS-Aware Tor Client
description
Transcript of LASTor : A Low-Latency AS-Aware Tor Client
LASTor: A Low-Latency AS-Aware Tor Client
Masoud Akhoondi, Curtis Yu, Harsha V. Madhyastha
Tor (The onion router)
S
D
R1
R2
R3
• 400,000 users• 2700 relays
• Anonymity- Each hop only knows previous and next hop on a path
• Low latency communication- 90% of Tor traffic is interactive [Mccoy08]
3
How are latencies on Tor?
• Experiment:– Sources:
• 50 PlanetLab nodes spread across globe
– Destinations:• Top 200 websites 5x inflation
in median
Exit relay
Relay 2
Entry relay
Profiling attack on Tor
Entrysegment
Exitsegment
Green AS (Autonomous System) can eavesdrop on both end segments of path[Murdoch07]
DS
5
How severe is profiling attack?
65% of relays are in 20% of all ASes
Non-uniform distribution of relays across ASes
Potential solution for these problems
• Measure latencies and routes from each relay to all end-hosts [Sherr09, Alsabah11, Mittall11]– Requires modification of relays
• None of these proposals deployed yet– Non-trivial to implement
Main insight: Client modifications suffice
Improve poor latency for interactive communications
Mitigate profiling attack
LASTor: A low-latency AS-aware Tor client
Main insight: Client modifications suffice
Solution: Modified path
selection to reduce latency
Solution: AS-aware path selection
Improve poor latency for interactive communications
Mitigate profiling attack
Sources of latency on Tor• Queuing and processing delay
– Congestion in relays [Panchenko09]• Propagation delay
– Long paths
Goal: Improve latency
D
S
10
Shortest path vs. Default Tor
• Destinations:– Top 200 websites
• Sources:– 50 PlanetLab nodes
spread across globe• Map relays to
geographical locations
Shorter paths can greatly reduce latency
50% improvement in median
Goal: Improve latency
Path should not be deterministic Weighted Shortest Path (WSP)
11
Weighted Shortest Path (WSP)• WSP computes length of all possible paths• Probability of choosing is inversely proportional
to its length
Goal: Improve latency
1
1 3
2
34
1
3
Path Length Prob.Upper
8 0.56
Lower 10 0.44
Goal: Improve latency
An Attack on WSP
1
13
2
3
4
1
3
Original prob. Prob.Compromised paths 0.56 0.8
Other paths 0.44 0.2
Attacker controls a relay
Goal: Improve latency
Solution: Clustering of relays
1
13
2
3
4
1
3
• Run WSP using clusters of relays• For chosen cluster-level path, randomly pick a relay in each cluster
Goal: Improve latency
Solution: Clustering of relays
1
13
2
3
4
1
3
Prob.Compromised paths 0.56
Other paths 0.44
Weighted Shortest Path (WSP)
• Preprocessing– Cluster all relays
• Path selection– Computes length of possible paths using clusters– Choose a path with a probability inversely proportional to
its length– Pick a relay randomly in each chosen cluster
• Other issues (see paper)– Handling multi-location destinations– Choosing entry relays
Goal: Improve latency
16
WSP reduces latency
50 PlanetLab nodes to top 200 websites
20% improvement in 80th percentile
Goal: Improve latency
25% improvement in median
17
Tunable path selection in LASTor
• Modify WSP to consider user’s preference towards:– Anonymity – Latency
• Single parameter α configured by user:– Modified weight w to w(1-α) where 0 ≤α≤ 1
0 1α
Lowest latency Highest anonymity
Goal: Improve latency
Tunable path selection in LASTor
Gini Coefficient measure of inequality in a distribution 0: perfect equality 1: maximal inequality
18
Lower α, lower latency Higher α, higher anonymity
Goal: Improve latency
Main insight: Client modifications suffice
Solution:Modified path
selection to reduce latency
Solution: AS-aware path selection
Improve poor latency for interactive communications
Mitigate profiling attack
Exit relay
Relay 2
Entry relay
Profiling attack on a path
Entrysegment
Exitsegment
Green AS (Autonomous System) can eavesdrop on both end segments of path[Murdoch07]
Goal: Detect common ASes on entry and exit segments
DS
Goal: AS-aware
Simple heuristic does not work
• Default Tor ensures no two Tor relays in same /16• False negative: fraction of paths with common AS not detected
57% of common AS instances are missed
Goal: AS-aware
Need for predicting AS paths• Approach 1: Measure routes from relays to all end hosts
– Need to modify relays• Approach 2: Infer AS-level routes
– Several techniques exist [Mao05, Madhyastha06, Madhyastha09, Lee11]
– At best 70% accuracy
Goal: AS-aware
Exit relay D
Our solution: AS set predictionGoal: AS-aware
Predict ASes on all paths compliant with routing policies
Exit relay D
Our solution: AS set predictionGoal: AS-aware
Predict ASes on all paths compliant with routing policies
Exit relay D
Our solution: AS set prediction
• Input [13MB initially, 1.5MB weekly]– Topology graph at AS-level– Estimate of AS path length– Compact representation routing policies:• Triple of (AS1, AS2, AS3) where AS1AS2AS3
• Algorithm– Modified version of Dijkstra’s algorithm
• Output– Set of ASes on policy-compliant routes
Goal: AS-aware
26
AS set based prediction is accurate
11% of common AS instances are missed
Goal: AS-aware
57% of common AS instances are missed
• False negative: fraction of paths with common AS not detectedAny path selection algorithm can use AS set predcition to avoid profiling attack
27
LASTor Latency
50 PlanetLab nodes to top 200 websites
28
Summary
• Demonstrated client side changes are sufficient for:– Lower latency– Higher anonymity
• Designed and implemented LASTor– Reduces median latency by 25%– Reduces median false negative of common AS from 57% to 11%
29
Thank you
30
How does Tor work? (Onion Routing)
R4 R5
R3
R2
R1
ServerClient
Entry Relay (guard)
Middle Relay
Exit Relay
- 300,000 users- 2700 relays
Is distance a good estimation of latency?
• Choose two different paths:– WSP(latency)– WSP(distance)
• Measure latency on these two paths
There is no significant difference between these two metrics 31
• 50 planetlab nodes as source and top 200 websites as destination
32
Accuracy of AS-set prediction algorithmGoal: AS-aware
33
Clustering of relays reduces:- Probability of the attack- Running time of WSP
• Adversary replicates 10% most popular relays 25 times• Compute probability of the chosen path traversing a malicious relay
Goal: Improve latencyAttack on WSP
50% reduction