Hardening Tor Hidden Services
Tippe, Pascal (2023-01-09)
Hardening Tor Hidden Services
(09.01.2023)
Julkaisu on tekijänoikeussäännösten alainen. Teosta voi lukea ja tulostaa henkilökohtaista käyttöä varten. Käyttö kaupallisiin tarkoituksiin on kielletty.
avoin
Julkaisun pysyvä osoite on:
https://urn.fi/URN:NBN:fi-fe202301163062
https://urn.fi/URN:NBN:fi-fe202301163062
Tiivistelmä
Tor is an overlay anonymization network that provides anonymity for clients surfing the web but also allows hosting anonymous services called hidden services. These enable whistleblowers and political activists to express their opinion and resist censorship. Administrating a hidden service is not trivial and requires extensive knowledge because Tor uses a comprehensive protocol and relies on volunteers. Meanwhile, attackers can spend significant resources to decloak them. This thesis aims to improve the security of hidden services by providing practical guidelines and a theoretical architecture. First, vulnerabilities specific to hidden services are analyzed by conducting an academic literature review. To model realistic real-world attackers, court documents are analyzed to determine their procedures. Both literature reviews classify the identified vulnerabilities into general categories.
Afterward, a risk assessment process is introduced, and existing risks for hidden services and their operators are determined. The main contributions of this thesis are practical guidelines for hidden service operators and a theoretical architecture. The former provides operators with a good overview of practices to mitigate attacks. The latter is a comprehensive infrastructure that significantly increases the security of hidden services and alleviates problems in the Tor protocol. Afterward, limitations and the transfer into practice are analyzed. Finally, future research possibilities are determined.
Afterward, a risk assessment process is introduced, and existing risks for hidden services and their operators are determined. The main contributions of this thesis are practical guidelines for hidden service operators and a theoretical architecture. The former provides operators with a good overview of practices to mitigate attacks. The latter is a comprehensive infrastructure that significantly increases the security of hidden services and alleviates problems in the Tor protocol. Afterward, limitations and the transfer into practice are analyzed. Finally, future research possibilities are determined.
Samankaltainen aineisto
Näytetään aineisto, joilla on samankaltaisia nimekkeitä, tekijöitä tai asiasanoja.
-
The Hidden Hazards of Job Hunting: Third-Party Services on Job Search Websites
<p>This paper explores third-party services and trackers used on job search websites. We analyze what kind of data on the job search process is sent to these third parties and whether users have a fair possibility to ... -
What are the hidden costs drivers of cloud migrations at corporate banks?
(23.08.2019)Cloud computing is the fastest growing part of the IT industry and is a solution to effectively man- age data. Cloud computing is an evolved form of traditional IT outsourcing and it has been identified that hidden cost ...avoin -
The hidden admission agendas in Finnish primary teacher education in the 1990s, 2000s and 2010s
<p>Applicants’ suitability for the teaching profession has been underlined in admissions to Finnish primary teacher education. Nevertheless, hidden agendas beyond teacher competence frameworks and attribute definitions ...
