Abstract--This paper analyzes the web browsing
behaviour of Tor users. By collecting HTTP requests we show which
websites are of interest to Tor users and we determined an upper bound
on how vulnerable Tor users are to sophisticated de-anonymization
attacks: up to 78 % of the Tor users do not use Tor as
suggested by the Tor community, namely to browse the web with TorButton.
They could thus fall victim to de-anonymization attacks by merely
browsing the web. Around 1 % of the requests could be used by an
adversary for exploit piggybacking on vulnerable file formats. Another 7
% of all requests were generated by social networking sites which leak
plenty of sensitive and identifying information. Due to the design of
HTTP and Tor, we argue that HTTPS is currently the only effective
countermeasure against de-anonymization and information leakage for HTTP
over Tor. Tor HTTP usage and Information Leakage, 11th Joint IFIP TC6 and TC11 Conference on Communications and Multimedia Security, Linz, AT. @conference{torHTTP2010, title={{Tor HTTP usage and Information Leakage}}, author={Markus Huber and Martin Mulazzani and Edgar Weippl}, booktitle={Communications and Multimedia Security}, year={2010}, organization={Springer} } |