Applicability of website fingerprinting attack on tor encrypted traffic

Abstract

Tor is a famous anonymity tools that provide Internet user with capability of being anonymous in the Internet. By using the Tor network, a user can browser without anyone know the truth of the communication information. Numerous studies have been performed worldwide on deanonymizing the Tor user. One of popular study is the Website Fingerprinting (WF) attack, a subset of passive traffic analysis attack. WF consists of complex traffic analytical process with several limitations and assumptions on the Tor network. In this paper, we will discuss the fundamental principal of WF on Tor network, its assumptions and discussion on whether WF is considered as applicable on attacking the Tor user anonymity(especially in real-world scenario).As a result, the applicability discussion and establishment are presented. This study had found that with the advancement of WF attack, it is applicable to be utilized on Tor encrypted traffic and might become a serious threat to Tor’s user anonymity if no proper defense being proposed to prevent the improved WF attack.