Tor is a free software that prevents people from learning your location or browsing habits by letting you communicate anonymously on the Internet. It can be used to anonymize on the web both browsing users and users that offers services. Thank to its anonymity and the consequent freedom, it has become the main channel to avoid censorship on the web or to spoke about sensitive topics. The downside is that also illegal actions have find their space here, so we have seen a proliferate of drugs and stolen stuff markets and also forum of controversial topics.
The anonymity provided by the Tor may be less effective using software not originally intended to preserve user privacy.
The goal of this project is to exploit data gathered from forums and social networks residents on Tor in order to reconstruct a detailed user access pattern to the net and show how they can be used to jeopardize users privacy.
Indeed, every time users write both on forums and social networks also under Tor, their actions are recorded as timestamp and we can use these sources as a kind of public and persistent ledger.
We want to study how the access pattern reconstruction can lead to a user location leak, and apply this attack to all users of the targeted forums, in order to trace the demography of the forums.
Lastly, we want to try to correlate single user profile over different source both in tor network and in clear web.
Tor is the most used software to preserve users anonymity and avoid censorship over internet. Due to is meaningful role, it is supported by many ethical associations, like the Human Rights Watch, and by big IT companies like Google or Facebook.
As described above, most of the previous researches were focused on the deanonymization of a single user. In addition, they require an active presence that can control and monitor an AS (autonomous system) or an active attack on the TOR protocol.
In this project we take a different approach. We want to de-anonymize an entire community belonging on the TOR network and to determine its geographical composition.
Our idea is inspired by the fact that user access to the net is constrained by their everyday life activities, such as: work, school and sleeping time. Although this set of activities can be very different for each user, there is one, the sleeping time, that is pretty similar for every user living in the same time zone or country.
Differently from the other approaches, we do not need to actively track the users that we want to de-anonymize. We can get all the information we need from their past traces, and we can pursue our attack even if they are not actively using the network.
With this project we aim at presenting a groundbreaking work and we plan to submit an academic paper to IEEE Conference on Computer Communications, a topmost security and privacy conferences in computer science. In addition, we plan to release as open-source the tools we will realize to analyze data.