loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Author: Michael Sonntag

Affiliation: Institute of Networks and Security, Johannes Kepler University, Altenbergerstr 69, A-4040 Linz and Austria

Keyword(s): Anonymization, Tor, DNS, Malicious Behaviour.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Privacy Enhancing Technologies

Abstract: Anonymization is commonly seen as useful only for people that have something to hide. Tor exit nodes are therefore associated with malicious behaviour and especially the so-called “darknet”. While the Tor network supports hidden services, and a large share of these serve illegal purposes, most of the traffic in the Tor network exits to the normal Internet and could be, and probably is, legal. We investigate this by taking a look at the DNS requests of a high-bandwidth exit node. We observe some malicious behaviour (especially DNS scans), questionable targets (both widely seen as immoral as well as very likely illegal in most countries), and careless usage. However, all these, while undoubtable undesirable, make up only a small share of the exit traffic. We then propose some additions to reduce the detected malicious use.

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.118.0.240

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Sonntag, M. (2019). Malicious DNS Traffic in Tor: Analysis and Countermeasures. In Proceedings of the 5th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-359-9; ISSN 2184-4356, SciTePress, pages 536-543. DOI: 10.5220/0007471205360543

@conference{icissp19,
author={Michael Sonntag.},
title={Malicious DNS Traffic in Tor: Analysis and Countermeasures},
booktitle={Proceedings of the 5th International Conference on Information Systems Security and Privacy - ICISSP},
year={2019},
pages={536-543},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007471205360543},
isbn={978-989-758-359-9},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 5th International Conference on Information Systems Security and Privacy - ICISSP
TI - Malicious DNS Traffic in Tor: Analysis and Countermeasures
SN - 978-989-758-359-9
IS - 2184-4356
AU - Sonntag, M.
PY - 2019
SP - 536
EP - 543
DO - 10.5220/0007471205360543
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic