The Path Less Travelled: Overcoming Tor's Bottlenecks with Traffic Splitting
Authors
Abstract
Tor is the most popular low-latency anonymity network for enhancing ordinary users’ online privacy and resisting censorship. While it has grown in popularity, Tor has a variety of performance problems that result in poor quality of service, a strong disincentive to use the system, and weaker anonymity properties for all users. We observe that one reason why Tor is slow is due to low-bandwidth volunteer-operated routers. When clients use a low-bandwidth router, their throughput is limited by the capacity of the slowest node. With the introduction of bridges—unadvertised Tor routers that provide Tor access to users within censored regimes like China—low-bandwidth Tor routers are becoming more common and essential to Tor’s ability to resist censorship. In this paper, we present Conflux, a dynamic traffic-splitting approach that assigns traffic to an overlay path based on its measured latency. Because it enhances the load-balancing properties of the network, Conflux considerably increases performance for clients using low-bandwidth bridges. Moreover, Conflux significantly improves the experience of users who watch streaming videos online. Through live measurements and a whole-network evaluation conducted on a scalable network emulator, we show that our approach offers an improvement of approximately 30% in expected download time for web browsers who use Tor bridges and for streaming application users. We also show that Conflux introduces only slight tradeoffs between users’ anonymity and performance.
Similar resources
The Path Less Travelled: Overcoming Tor’s Bottlenecks with Multipaths
Tor is the most popular low-latency anonymity network for enhancing ordinary users’ online privacy and resisting censorship. While it has grown in popularity, Tor has a variety of performance problems that result in poor quality of service, a strong disincentive to use the system, and weaker anonymity properties for all users. We observe that one reason why Tor is slow is due to low-bandwidth vo...
Avoiding The Man on the Wire: Improving Tor's Security with Trust-Aware Path Selection
Tor users are vulnerable to deanonymization by an adversary that can observe some Tor relays or some parts of the network. We demonstrate that previous network-aware path-selection algorithms that propose to solve this problem are vulnerable to attacks across multiple Tor connections. We suggest that users use trust to choose the paths through Tor that are less likely to be observed, where trus...
The Effect of DNS on Tor's Anonymity
Previous attacks that link the sender and receiver of traffic in the Tor network (“correlation attacks”) have generally relied on analyzing traffic from TCP connections. The TCP connections of a typical client application, however, are often accompanied by DNS requests and responses. This additional traffic presents more opportunities for correlation attacks. This paper quantifies how DNS traff...
Avoiding Ties in Shortest Path First Routing
First we discuss problems associated with ties and flow splitting with shortest path first protocols such as OSPF and IS-IS. The problems relate to uncertainty in the splitting when there are multiple shortest paths from a source to a destination. Even if routers are configured for even splitting, there can easily be unpredicted biases that can overload links and thereby affect quality of servic...
Load-Balanced Routing via Bounded Randomization
Future computer networks are expected to carry bursty traffic. Shortest-path routing protocols have the disadvantage of causing bottlenecks due to their single-path routing. That is, the shortest path between a source and a destination may become highly congested even when many other paths have low utilization. We propose a routing scheme that distributes traffic over the whole network via boun...