Online Archive of University of Virginia Scholarship
Implementing Traffic Correlation Attacks on Partially-Simulated Mobile Tor Traffic314 views
Author
De Souza Azevedo, Marco, Computer Engineering - School of Engineering and Applied Science, University of Virginia0000-0002-2597-929X
Advisors
Sun, Yixin, EN-Comp Science Dept, University of Virginia
Abstract
Anonymity systems are still plagued by traffic correlation attacks, in which an attacker that is observing both ends of the communication can potentially deanonymize users by correlating low latency traffic streams going in and out of those systems. However, previous work has primarily studied traffic correlation attacks on non-mobile users, whereas the effect on mobile users is yet to be investigated. We take the first step at uncovering the new threat to mobile users by recreating traffic correlation attacks in a simulated cellular environment. We first used the network simulator NS-3 to perform traffic correlation attacks against mobile Tor clients by using previously captured, real-world Tor traffic to drive the simulation. We obtained a success rate of 85% when deanonymizing users. In addition, we programmed NS-3 to enable the simulated nodes to interact with real networks, which can further be used to connect the simulated Tor mobile client to the real Tor network for future evaluations.
De Souza Azevedo, Marco. Implementing Traffic Correlation Attacks on Partially-Simulated Mobile Tor Traffic. University of Virginia, Computer Engineering - School of Engineering and Applied Science, MS (Master of Science), 2021-04-26, https://doi.org/10.18130/q2np-pn57.
