[spam][wrong] Traffic Exhaustion Attack to Enumerate Tor Circuits as a 3rd Party
One factor this working depends on would be whether or not tor has put efforts in place to mitigate it. Assumption: you have a statistical model for behavior via a circuit, possibly crafted after the attack. 1. Completely exhaust bandwidth via as many tor nodes as possible, ideally by crafting single-hop circuits. Using this approach, find a way to measure gaps in available bandwidth: times others are using the bandwidth. 2. Compare measurements between nodes so as to identify circuit connections. How then to anonymize one's behavior? A user can do various things to exhaust bandwidth themselves using cover traffic, but it seems quite hard to fully prevent some shape from sticking out, [composition halted here via unexpected cognitive change]
I'm guessing you could perform the same 1-hop many-nodes approach to specifically counter the impact of a circuit.
participants (1)
-
Undiscussed Horrific Abuse, One Victim of Many