Deep Web Users Deanonimization System

Privacy enhancing technologies (PETs) are ubiquitous nowadays. They are beneficial for a wide range of users: for businesses, journalists, bloggers, etc. However, PETs are not always used for legal activity. There a lot of anonymous networks and technologies which grants anonymous access to digital resources. The most popular anonymous networks nowadays is Tor. Tor is a valuable tool for hackers, drug and gun dealers. The present paper is focused on Tor users’ deanonimization using out-of-the box technologies and a basic machine learning algorithm. The aim of the work is to show that it is possible to deanonimize a small fraction of users without having a lot of resources and state-of-the-art machine learning techniques. The first stage of the research was the investigation of contemporary anonymous networks. The second stage was the investigation of deanonimization techniques: traffic analysis, timing attacks, attacks with autonomous systems. For our system, we used website fingerprinting attack, because it requires the smallest number of resources needed for successful implementation of the attack. Finally, there was an experiment held with 5 persons in one room with one corrupted entry Tor relay. We achieved a quite good accuracy (70%) for classifying the webpage, which the user visits, using the set of resources provided by global cybersecurity company. The deanonimization is a very important task from the point of view of national security.

Tor, deanonimization, website fingerprinting, traffic analysis, anonymous network, deep web

1. S.M. Avdoshin, A.V. Lazarenko. [Technology of anonymous networks]. Informacionnye tehnologii [Information Technologies], vol. 22, №4, pp. 284-291, 2016 (in Russian).

2. R. Dingledine, N. Mathewson, P. Syverson. “Tor: The Second-Generation Onion Router”. In Proceedings of the 13th USENIX Security Symposium, August 2004 (online publication). Available at: http://www.onion-router.net/Publications/tor-design.pdf, accessed 12.07.2016.

3. Relays and bridges in the network (online publication). Tor METRICS [Official website]. Available at: https://metrics.torproject.org/networksize.html, accessed 12.07.2016.

4. The NSA’s Been Trying to Hack into Tor’s Anonymous Internet For Years (online publication). Gizmodo [Official website]. Available at: http://gizmodo.com/the-nsas-been-trying-to-hack-into-tors-anonymous-inte-1441153819, accessed 12.07.2016.

5. Zakupka No0373100088714000008 (online publication). Gosudarstvennie zakupky [State Procurements] [Official website]. Available at: http://zakupki.gov.ru/epz/order/notice/zkk44/view/common-info.html?regNumber=0373100088714000008, accessed 12.07.2016 (in Russian).

6. S.M. Avdoshin, A.V. Lazarenko, [Tor Users Deanonimization Methods]. Informacionnye tehnologii [Information Technologies], vol. 22, №5, pp. 362-372, 2016 (in Russian).

7. X. Cai, X.C. Zhang, B. Joshy, R. Johnson. Touching from a Distance: Website Fingerprinting Attacks and Defenses (online publication). Available at: http://www3.cs.stonybrook.edu/~xcai/fp.pdf, accessed 12.07.2016.

8. T. Wang, Website Fingerprinting: Attacks and Defenses, PhD Thesis (online publication), 2015. Available at: https://uwspace.uwaterloo.ca/bitstream/handle/10012/10123/Wang_Tao.pdf?sequence=3, accessed 12.07.2016.

9. X.Gu, M.Yang, J.Luo. A Novel Website Fingerprinting Attack Against Multi-Tab Browsing Behavior (online publication). In Computer Supported Cooperative Work in Design (CSWD), 2015. Available at: http://ieeexplore.ieee.org/xpl/login.jsp?tp=&arnumber=7230964&url=http%3A%2F%2Fieeexplore.ieee.org%2Fxpls%2Fabs_all.jsp%3Farnumber%3D7230964, accessed: 12.07.2016.

10. A. Panchenko, F. Lanze, A. Zinnden, M. Henze, J. Pannekamp, K. Wehrle, T. Engel. Website Fingerprinting at Internet Scale (online publication). Available at: https://www.comsys.rwth-aachen.de/fileadmin/papers/2016/2016-panchenko-ndss-fingerprinting.pdf, accessed 12.07.2016.

11. J.Nielsen. How Long Do Users Stay on Web Pages (online publication), Available at: https://www.nngroup.com/articles/how-long-do-users-stay-on-web-pages/, accessed 12.07.2016.

12. Ethical Tor Research: Guidelines (online publication). Available at: https://blog.torproject.org/blog/ethical-tor-research-guidelines, accessed 12.07.2016