Throttling tor bandwidth parasites

Rob Jansen, Paul Syverson, Nicholas Hopper

Research output: Contribution to conferencePaperpeer-review

25 Scopus citations


Tor is vulnerable to network congestion and performance problems due to bulk data transfers. A large fraction of the available network capacity is consumed by a small percentage of Tor users, resulting in severe service degradation for the majority. Bulk users continuously drain relays of excess bandwidth, creating new network bottlenecks and exacerbating the effects of existing ones. While this problem may currently be attributed to rational users utilizing the network, it may also be exploited by a relatively low-resource adversary using similar techniques to contribute to a network denial of service (DoS) attack. Degraded service discourages the use of Tor, affecting both Tor’s client diversity and anonymity. Equipped with mechanisms from communication networks, we design and implement three Tor-specific algorithms that throttle bulk transfers to reduce network congestion and increase network responsiveness. Unlike existing techniques, our algorithms adapt to network dynamics using only information local to a relay. We experiment with full-network deployments of our algorithms under a range of light to heavy network loads. We find that throttling results in significant improvements to web client performance while mitigating the negative effects of bulk transfers. We also analyze how throttling affects anonymity and compare the security of our algorithms under adversarial attack. We find that throttling reduces information leakage compared to unthrottled Tor while improving anonymity against realistic adversaries.

Original languageEnglish (US)
Number of pages15
StatePublished - Jan 1 2012
Externally publishedYes
Event21st USENIX Security Symposium - Bellevue, United States
Duration: Aug 8 2012Aug 10 2012


Conference21st USENIX Security Symposium
CountryUnited States

Fingerprint Dive into the research topics of 'Throttling tor bandwidth parasites'. Together they form a unique fingerprint.

Cite this