Hello My name is Nima Azizzadeh and I'm a second year of mastering Cyber Security major at University of Tehran, Iran. I am extremely interested in pursuing independent research. An extensive research experience will greatly help me consolidate my future career choice.
Recently I'm interested in tor project vulnerabilities and I looked at some papers about it. This paper "The Effect of DNS on Tor’s Anonymity, NDSS, February 2017" attracted a great deal of my attention. A lot of research has gone into improving the Tor network, but its use of DNS has received little attention. In this research project, they set out to learn how DNS can harm the anonymity of Tor users, and how adversaries can leverage the DNS protocol to deanonymize users. They studied (i) how exposed the DNS protocol is compared to web traffic, (ii) how Tor exit relays are configured to use DNS, (iii) how existing website fingerprinting attacks can be enhanced with DNS, and (iv) how effective these enhanced website fingerprinting attacks are at Internet-scale.
Also, I found another project that I think can defend against these attacks to some degree. The project is T-DNS (Connection-Oriented DNS to Improve Privacy and Security - DNS over TCP and TLS). It combines TCP to smoothly support large payloads and mitigate spoofing and amplification for DoS. T-DNS uses transport-layer security (TLS) to provide privacy from users to their DNS resolvers and optionally to authoritative servers.
I want to integrate T-DNS server proxy and client proxy with Tor project source code to add some security feature to Tor project. I also implement T-DNS server proxy and client proxy I just need to add this feature in Tor source code. Something like creating a built-in standalone T-DNS client proxy and server proxy in Tor relays, and encourage people to use them with Tor Exits (and other DNS clients and servers).
As you have a lot of exprience on Tor project, I would be happy if you could help me on this or give me some suggestion to clarify the way for me. I look forward to hearing from you!
Best Regards, Nima Azizzadeh