International Conference on Security and Privacy in Communication Networks. 10th International ICST Conference, SecureComm 2014, Beijing, China, September 24-26, 2014, Revised Selected Papers, Part I

Research Article

JumpBox – A Seamless Browser Proxy for Tor Pluggable Transports

  • @INPROCEEDINGS{10.1007/978-3-319-23829-6_44,
        author={Jeroen Massar and Ian Mason and Linda Briesemeister and Vinod Yegneswaran},
        title={JumpBox -- A Seamless Browser Proxy for Tor Pluggable Transports},
        proceedings={International Conference on Security and Privacy in Communication Networks. 10th International ICST Conference, SecureComm 2014, Beijing, China, September 24-26, 2014, Revised Selected Papers, Part I},
        proceedings_a={SECURECOMM},
        year={2015},
        month={11},
        keywords={},
        doi={10.1007/978-3-319-23829-6_44}
    }
    
  • Jeroen Massar
    Ian Mason
    Linda Briesemeister
    Vinod Yegneswaran
    Year: 2015
    JumpBox – A Seamless Browser Proxy for Tor Pluggable Transports
    SECURECOMM
    Springer
    DOI: 10.1007/978-3-319-23829-6_44
Jeroen Massar¹,*, Ian Mason²,*, Linda Briesemeister²,*, Vinod Yegneswaran²,*
  • 1: Farsight Security, Inc.
  • 2: SRI International
*Contact email: massar@fsi.io, iam@csl.sri.com, linda@csl.sri.com, vinod@csl.sri.com

Abstract

Anonymity systems such as Tor are being blocked by many countries, as they are increasingly being used to circumvent censorship systems. As a response, several pluggable transport (proxy) systems have been developed that obfuscate the first hop of the Tor circuit (i.e., the connection between the Tor client and the bridge node). In this paper, we tackle a common challenge faced by all web-based pluggable transports – the need to perfectly emulate the complexities of a web-browser and web-server. To that end, we propose a new system called the JumpBox that readily integrates with existing pluggable transports and avoids emulation by forwarding the HTTP/HTTPS requests through a real browser and webserver. We evaluate our system using multiple pluggable transports and demonstrate that it imposes minimal additional overhead.