Online Tor Privacy Breach Through Website Fingerprinting Attack

Tor is one of the most widely used anonymization networks based on onion router that it preserves user’s privacy and secure data flow over the Internet communications. Due to the growing utilization of Tor, Identifying its weaknesses and fixing them is crucial. This study focuses on the website fingerprinting attack and offers a new procedure based on FFT to calculate the similarity distance between two instances and form a distance matrix. By applying the proposed method, we demonstrate that either accuracy grows significantly or the time complexity reduces such that it is applicable in an online manner. In order to evaluate the capability of the proposed method to defeat user privacy, we applied it in an open-world scenario for 100 target websites and achieved a TP rate of over 96%, while the FP rate is 0%, compared to the best of 85% TP rate with a FP rate of 0.6% in the existing works. In a closed-world scenario, we attained an accuracy of over 97% that compared to a similar study, it shows a meaningful improvement. In addition, a new model based on the combination of open and closed-world scenarios is also presented. In this model, the time complexity of the preprocessing and visited website detection stages are reduced by a factor of 60 and 465, times respectively, compared to previous studies. By using this model, it is possible to manage the detection procedure in an online process, providing an update mechanism for distance matrix in case of immediate variations.