2021
DOI: 10.1109/comst.2021.3093615
|View full text |Cite
|
Sign up to set email alerts
|

De-Anonymisation Attacks on Tor: A Survey

Abstract: Anonymity networks are becoming increasingly popular in today's online world as more users attempt to safeguard their online privacy. Tor is currently the most popular anonymity network in use and provides anonymity to both users and services (hidden services). However, the anonymity provided by Tor is also being misused in various ways. Hosting illegal sites for selling drugs, hosting command and control servers for botnets, and distributing censored content are but a few such examples. As a result, various p… Show more

Help me understand this report
View preprint versions

Search citation statements

Order By: Relevance

Paper Sections

Select...
4
1

Citation Types

0
18
0
1

Year Published

2022
2022
2024
2024

Publication Types

Select...
4
3
1
1

Relationship

0
9

Authors

Journals

citations
Cited by 44 publications
(19 citation statements)
references
References 85 publications
0
18
0
1
Order By: Relevance
“…Note that all the clients can only obtain proxies information from the proxy distributor, which is a reasonable assumption exploited in rBridge [13] and HypoTor [15] as well. Network‐level proxy identification attacks such as traffic fingerprinting attacks, man‐in‐the‐middle attacks, and probing attacks are not considered in the proxy distribution issue since the existing defense mechanisms against these kinds of attacks have been proved effective and practical [36].…”
Section: System Model and Related Metricsmentioning
confidence: 99%
“…Note that all the clients can only obtain proxies information from the proxy distributor, which is a reasonable assumption exploited in rBridge [13] and HypoTor [15] as well. Network‐level proxy identification attacks such as traffic fingerprinting attacks, man‐in‐the‐middle attacks, and probing attacks are not considered in the proxy distribution issue since the existing defense mechanisms against these kinds of attacks have been proved effective and practical [36].…”
Section: System Model and Related Metricsmentioning
confidence: 99%
“…Tor adopts perfect forward secrecy and multi-layer proxy technology to ensure data confidentiality, making Tor traffic difficult to trace and providing a new way for criminals to commit crimes. Malicious users abuse the Tor network to hide their attacks and damage the security of communication systems, such as arms, hacker dealing, child pornography and botnets [2]. Therefore, Tor traffic tracking is crucial for maintaining network security and combating cybercrime.…”
Section: Introductionmentioning
confidence: 99%
“…These features have small intra-class gaps but large inter-class gaps, which can characterise the Tor traffic of different applications. (2) We propose FlowMFD, a finer-grained Tor traffic classification method using MFDCF and spatial-temporal modelling. (3) Extensive experiments conducted on the ISCXTor2016 and self-collected datasets show that FlowMFD significantly outperforms other state-of-the-art methods in terms of accuracy and Macro-F1, demonstrating its superiority in classifying specific Tor applications.…”
Section: Introductionmentioning
confidence: 99%
“…On a technical level, available tools are far from perfect. The Tor project [70] although popular with 2M active users [68], is vulnerable to de-anonymization [40], denial of service (DoS) [35], and traffic analysis [52]. Because Tor can be automatically fingerprinted [25,64], it is also easy to block (ironically, the authors of this paper themselves were blocked from accessing the Tor project's website on their organization network).…”
Section: Introductionmentioning
confidence: 99%