Experimentation tools facilitate exploration of Tor performance and security research problems and allow researchers to safely and privately conduct Tor experiments without risking harm to real Tor users. However, researchers using these tools configure them to generate network traffic based on simplifying assumptions and outdated measurements and without understanding the efficacy of their configuration choices. In this work, we design a novel technique for dynamically learning Tor network traffic models using hidden Markov modeling and privacy-preserving measurement techniques. We conduct a safe but detailed measurement study of Tor using 17 relays (~2% of Tor bandwidth) over the course of 6 months, measuring general statistics and models that can be used to generate a sequence of streams and packets. We show how our measurement results and traffic models can be used to generate traffic flows in private Tor networks and how our models are more realistic than standard and alternative network traffic generation methods.
|Original language||English (US)|
|Title of host publication||CCS 2018 - Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security|
|Publisher||Association for Computing Machinery|
|Number of pages||18|
|State||Published - Oct 15 2018|
|Event||25th ACM Conference on Computer and Communications Security, CCS 2018 - Toronto, Canada|
Duration: Oct 15 2018 → …
|Name||Proceedings of the ACM Conference on Computer and Communications Security|
|Other||25th ACM Conference on Computer and Communications Security, CCS 2018|
|Period||10/15/18 → …|
Bibliographical noteFunding Information:
We thank the anonymous reviewers for their feedback and suggestions to improve the paper. We thank Tim Wilson-Brown for running some of the Tor relays and PrivCount nodes that we used to measure Tor, Ryan Wails for the discussion about modeling Internet latency, and Ryan Wails and Phillip Winter for donating RIPE Atlas credits that we used to run Atlas measurements. This work has been partially supported by the Office of Naval Research, the National Science Foundation under grant numbers CNS-1527401 and CNS-1314637, and the Department of Homeland Security Science and Technology Directorate, Homeland Security Advanced Research Projects Agency, Cyber Security Division under agreement number FTCY1500057. The views expressed in this work are strictly those of the authors and do not necessarily reflect the official policy or position of any employer or funding agency.