Skip to main content

81% of Tor users are identifiable according to new anonymity report

A new report claims that more than 81 per cent of Tor users are identifiable using a method that threatens Internet anonymity.

The study, titled “On the Effectiveness of Traffic Analysis Against Anonymity Networks Using Flow Records,” claims that a technique known as traffic confirmation can be used to identify users.

Read more: 400 dark net sites including Silk Road 2.0 closed as part of huge police operation

It requires the ability to monitor large amounts of data coming in and out of Tor nodes to determine the IP address of the individual being tracked. According to the report, the technique has been largely successful.

"In experiments that involved data from public Tor relays, using both open source Netflow emulation packages and our institutional Cisco router that monitored traffic using Netflow framework, we were able to correctly identify the source of anonymous traffic in about 81.4 per cent of our experiments, with about 6.4 per cent false positives."

The Tor Project has responded to the claims via a blog post in which it explains that the network has never been designed to combat a technique such as traffic confirmation.

"The Tor design doesn't try to protect against an attacker who can see or measure traffic going into the Tor network and also traffic coming out of the Tor network.

"That's because if you can see both flows, some simple statistics let you decide whether they match up.”

Tor also sought to reassure users that whether they can be identified or not is dependent on “how much of the Internet the adversary is able to measure or control.”

Read more: Police face questions after “deep dark web” raids

The blog post goes on to praise the fact that additional research is being carried out regarding traffic confirmation attacks, but says users are still able to trust the network, adding that there is no need to “freak out.”