Securing Tor Tunnels Under the Selective-DoS Attack
Low-latency anonymity networks like Tor are subject to selective Denial-of-Service (DoS) attacks. A selective-DoS attack lowers anonymity because it forces paths to be rebuilt multiple times to ensure delivery, which increases the opportunity for further attack. In this paper, the authors present a detection algorithm that filters out compromised tunnels from a set of Tor tunnels to ensure better anonymity. The algorithm uses two levels of probing to filter out potentially compromised tunnels. The authors perform probabilistic analysis and extensive simulation to show the robustness of the detection algorithm. They also analyze its cost and show a tradeoff between security and communication overhead. Real-world experiments reveal that the detection algorithm provides a good defense against the selective-DoS attack.