Researchers Demonstrate New Fingerprinting Attack on Tor Encrypted Traffic

[silversurfer]

Content source

https://thehackernews.com/2021/11/researchers-demonstrate-new.html

A new analysis of website fingerprinting (WF) attacks aimed at the Tor web browser has revealed that it's possible for an adversary to glean a website frequented by a victim, but only in scenarios where the threat actor is interested in a specific subset of the websites visited by users.

"While attacks can exceed 95% accuracy when monitoring a small set of five popular websites, indiscriminate (non-targeted) attacks against sets of 25 and 100 websites fail to exceed an accuracy of 80% and 60%, respectively," researchers Giovanni Cherubin, Rob Jansen, and Carmela Troncoso said in a newly published paper. [PDF]

"The results of our real-world evaluation demonstrate that WF attacks can only be successful in the wild if the adversary aims to identify websites within a small set," the researchers concluded. "In other words, untargetted adversaries that aim to generally monitor users' website visits will fail, but focused adversaries that target one particular client configuration and website may succeed."

Researchers Demonstrate New Fingerprinting Attack on Tor Encrypted Traffic

Researchers demonstrate a new fingerprinting attack on encrypted traffic using the Tor web browser.

thehackernews.com