[tor-dev] Strong Flow Correlation Attacks on Tor Using Deep Learning

procmem procmem at riseup.net
Fri Sep 21 16:20:00 UTC 2018

Hi I wanted to bring your attention to this recent Tor attack paper
published at the CCS conference:


>     We show that with moderate learning, DeepCorr can correlate Tor connections (and therefore break its anonymity) with accuracies significantly higher than existing algorithms, and using substantially shorter lengths of flow observations. For instance, by collecting only about 900 packets of each target Tor flow (roughly 900KB of Tor data), DeepCorr provides a flow correlation accuracy of 96% compared to 4% by the state-of-the-art system of RAPTOR using the same exact setting.
>     We hope that our work demonstrates the escalating threat of flow correlation attacks on Tor given recent advances in learning algorithms, calling for the timely deployment of effective countermeasures by the Tor community.

It has an extremely high true positive rate under real world conditions.
The two main suggested countermeasures are padding and AS-aware path
selection. I think you are working on the former but no practical
implementation of the latter is  ready?

More information about the tor-dev mailing list