How unique is your .onion? An analysis of the fingerprintability of tor onion services

Rebekah Overdorf, Marc Juarez, Gunes Acar, Rachel Greenstadt, Claudia Diaz

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    Recent studies have shown that Tor onion (hidden) service websites are particularly vulnerable to website ingerprinting attacks due to their limited number and sensitive nature. In this work we present a multi-level feature analysis of onion site ingerprintability, considering three state-of-the-art website ingerprinting methods and 482 Tor onion services, making this the largest analysis of this kind completed on onion services to date. Prior studies typically report average performance results for a given website ingerprinting method or countermeasure. We investigate which sites are more or less vulnerable to ingerprinting and which features make them so. We ind that there is a high variability in the rate at which sites are classiied (and misclassiied) by these attacks, implying that average performance igures may not be informative of the risks that website ingerprinting attacks pose to particular sites. We analyze the features exploited by the diferent website ingerprinting methods and discuss what makes onion service sites more or less easily identiiable, both in terms of their traic traces as well as their webpage design. We study misclassiications to understand how onion services sites can be redesigned to be less vulnerable to website ingerprinting attacks. Our results also inform the design of website ingerprinting countermeasures and their evaluation considering disparate impact across sites.

    Original languageEnglish (US)
    Title of host publicationCCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security
    PublisherAssociation for Computing Machinery
    Pages2021-2036
    Number of pages16
    ISBN (Electronic)9781450349468
    DOIs
    StatePublished - Oct 30 2017
    Event24th ACM SIGSAC Conference on Computer and Communications Security, CCS 2017 - Dallas, United States
    Duration: Oct 30 2017Nov 3 2017

    Publication series

    NameProceedings of the ACM Conference on Computer and Communications Security
    ISSN (Print)1543-7221

    Other

    Other24th ACM SIGSAC Conference on Computer and Communications Security, CCS 2017
    CountryUnited States
    CityDallas
    Period10/30/1711/3/17

    Keywords

    • Anonymous communications systems
    • Tor
    • Web privacy
    • Website ingerprinting

    ASJC Scopus subject areas

    • Software
    • Computer Networks and Communications

    Fingerprint Dive into the research topics of 'How unique is your .onion? An analysis of the fingerprintability of tor onion services'. Together they form a unique fingerprint.

  • Cite this

    Overdorf, R., Juarez, M., Acar, G., Greenstadt, R., & Diaz, C. (2017). How unique is your .onion? An analysis of the fingerprintability of tor onion services. In CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (pp. 2021-2036). (Proceedings of the ACM Conference on Computer and Communications Security). Association for Computing Machinery. https://doi.org/10.1145/3133956.3134005