Kwon et al. recently showed that circuit fingerprinting attacks could be used to identify hidden service circuits, which is a key step towards linking Tor users and their activity online. In this paper, we explore an improvement to their attack that uses random forests, which achieves similar accuracy while being more robust to simple countermeasures against it. Additionally, we perform our attack from a middle node, for which an attacker needs less resources and can leverage guard fingerprinting to deanonymize users. Our evaluation shows the attack can be effectively deployed at the middle with 99.98% accuracy.
@misc{middlefp-s&p2017,
title = {Fingerprinting Hidden Service Circuits from a Tor Middle Relay},
author = {Juarez, Marc and Jansen, Rob and Galvez, Rafael and Elahi, Tariq and Diaz, Claudia and Wright, Matthew},
howpublished = {Symposium on Security and Privacy},
year = {2017},
note = {Poster abstract},
}