Sign In

Communications of the ACM

ACM News

81% of Tor ­sers Can Be De-Anonymised By Analysing Router Information, Research Indicates

View as: Print Mobile App Share:
The process through which many Tor users may be de-anonymized.

Researcher Sambuddho Chakravarty says the originating IP addresses for most Tor clients can be revealed by exploiting the Netflow technology that Cisco has built into its router protocols.

Credit: The Stack

Research undertaken between 2008 and 2014 suggests that more than 81% of Tor clients can be ‘de-anonymised’ – their originating IP addresses revealed – by exploiting the ‘Netflow’ technology that Cisco has built into its router protocols, and similar traffic analysis software running by default in the hardware of other manufacturers.

Professor Sambuddho Chakravarty, a former researcher at Columbia University’s Network Security Lab and now researching Network Anonymity and Privacy at the Indraprastha Institute of Information Technology in Delhi, has co-published a series of papers over the last six years outlining the attack vector, and claims a 100% ‘decloaking’ success rate under laboratory conditions, and 81.4% in the actual wilds of the Tor network. 

From The Stack
View Full Article



No entries found