Exploring Tor's Activity Through Long-Term Passive TLS Traffic Measurement
نویسندگان
چکیده
Tor constitutes one of the pillars of anonymous online communication. It allows its users to communicate while concealing from observers their location as well as the Internet resources they access. Since its first release in 2002, Tor has enjoyed an increasing level of popularity with now commonly more than 2,000,000 simultaneous active clients on the network. However, even though Tor is widely popular, there is only little understanding of the large-scale behavior of its network clients. In this paper, we present a longitudinal study of the Tor network based on passive analysis of TLS traffic at the Internet uplinks of four large universities inside and outside of the US. We show how Tor traffic can be identified by properties of its autogenerated certificates, and we use this knowledge to analyze characteristics and development of Tor’s traffic over more than three years.
منابع مشابه
Detecting Bot Networks Based On HTTP And TLS Traffic Analysis
Abstract— Bot networks are a serious threat to cyber security, whose destructive behavior affects network performance directly. Detecting of infected HTTP communications is a big challenge because infected HTTP connections are clearly merged with other types of HTTP traffic. Cybercriminals prefer to use the web as a communication environment to launch application layer attacks and secretly enga...
متن کاملHTTPS traffic analysis and client identification using passive SSL/TLS fingerprinting
The encryption of network traffic complicates legitimate network monitoring, traffic analysis, and network forensics. In this paper, we present real-time lightweight identification of HTTPS clients based on network monitoring and SSL/TLS fingerprinting. Our experiment shows that it is possible to estimate the User-Agent of a client in HTTPS communication via the analysis of the SSL/TLS handshak...
متن کاملEstimating Method of Short-Interval-Traffic Distribution Considering Long-Term-Traffic Dynamics for Multimedia QoS Management
Analyzing short-interval-traffic behaviors is important for network performance management to realize high quality multimedia applications. However, it is difficult to measure short-interval-traffic volumes because there are complications in collecting short-interval-traffic data from routers. An example is a heavy load on routers or inaccurate measurement by the short-polling interval; it even...
متن کاملFlow Cytometric Measurement of CD41/CD61 and CD42b Platelet Receptors and Clotting Assay of Platelet Factor 3 During Long Term-Storage of Platelet Concentrates
Background: The purpose of the present in vitro study was to evaluate the effect of long term storage of conventional platelet concentrates (PCs) on major platelet receptors CD42b and CD41/CD61 by flow cytometry method and also measuring the overall platelet procoagulant activity status using platelet factor 3 (PF3) assay. Materials and Methods: Six random units of conventional platelet conce...
متن کاملThe role of hippocampal nitric oxide in passive avoidance learning
Abstract: Introduction: Nitric oxide (NO) is a retrograde messenger in hippocampal synaptic plasticity which involves in learning and memory processes. Previous studies revealed that hippocampal pyramidal cells contain NO synthase (NOS) enzyme which produce NO and could be a promising target to evaluate the role of NO in brain cognitive functions. So in this study, using NOS inhibitor (L-NAME)...
متن کامل