Rob G. Jansen, PhD

Computer Scientist, Researcher, and Principal Investigator
U.S. Naval Research Laboratory, Washington, DC, USA

Publication Details

  1. Citation

    Rob JansenMarc Juarez, Rafael Galvez, Tariq Elahi, and Claudia Diaz:
    Inside Job: Applying Traffic Analysis to Measure Tor from Within. Network and Distributed System Security Symposium, 2018.

    Author Links

    Venue Links


    In this paper, we explore traffic analysis attacks on Tor that are conducted solely with middle relays rather than with relays from the entry or exit positions. We create a methodology to apply novel Tor circuit and website fingerprinting from middle relays to detect onion service usage; that is, we are able to identify websites with hidden network addresses by their traffic patterns. We also carry out the first privacy-preserving popularity measurement of a single social networking website hosted as an onion service by deploying our novel circuit and website fingerprinting techniques in the wild. Our results show: (i) that the middle position enables wide-scale monitoring and measurement not possible from a comparable resource deployment in other relay positions, (ii) that traffic fingerprinting techniques are as effective from the middle relay position as prior works show from a guard relay, and (iii) that an adversary can use our fingerprinting methodology to discover the popularity of onion services, or as a filter to target specific nodes in the network, such as particular guard relays.


      title = {Inside Job: Applying Traffic Analysis to Measure Tor from Within},
      author = {Jansen, Rob and Juarez, Marc and Galvez, Rafael and Elahi, Tariq and Diaz, Claudia},
      booktitle = {Network and Distributed System Security Symposium},
      year = {2018},
      doi = {10.14722/ndss.2018.23261},