Ricerc@Sapienza

In this work we show that Tor is vulnerable to app deanonymization attacks on
Android devices through network traffic analysis. For this purpose, we describe
a general methodology for performing an attack that allows to deanonymize the
apps running on a target smartphone using Tor, which is the victim of the
attack. Then, we discuss a Proof-of-Concept, implementing the methodology, that
shows how the attack can be performed in practice and allows to assess the
deanonymization accuracy that it is possible to achieve. While attacks against
Tor anonymity have been already gained considerable attention in the context of
website fingerprinting in desktop environments, to the best of our knowledge
this is the first work that highlights Tor vulnerability to apps
deanonymization attacks on Android devices. In our experiments we achieved an
accuracy of 97%.