Investigating website-fingerprinting attacks and defences on Tor

Young, A. (2015). Investigating website-fingerprinting attacks and defences on Tor (BEng (Hons) CSF Dissertation). Edinburgh Napier University (Macfarlane, R., Buchanan, B.).



The Tor network is the most commonly used anonymous networking service to date.
It's use extends all the way from military operations and espionage to journalism to
cyber-criminals. It's developers, The Tor Project, is always looking for volunteers
with the right skills to test and evaluate their product and report their findings.
Website-fingerprinting attacks are a form of pattern matching where an adversary
compares metrics such as order, volume and size of encrypted data to a previously
determined fingerprint to try and determine what web-page a user is accessing. This
thesis has been written with the intent to investigate these website-fingerprinting
attacks on Tor users and determine whether or not they pose a threat to online
To reach this end, we have conducted an in-depth technical review of Tor and onionrouting
in general as well as touch on similar services such as I2P and Freenet.
Following on from this, we have critically analysed the surrounding literature
regarding anonymity networks and their vulnerabilities.
In order to evaluate this threat, we have designed and implemented a platform called
fingerprinTOR to use in the evaluation of these attacks and compare the results to
previous work. The application is written in C#.NET and integrates the packet sniffer,
tshark, to capture network traces.
The results from this have been reviewed and compared to some of the most highly
regarded work in this area. The findings from this thesis have suggested that although
there have been a number of investigations of varying scale into Tor's defences which
claim to pose a real risk to the security of it's users, this does not mean Tor must
The final conclusion of this study finds that although we can find useful information
in the patterns of Tor's encrypted network traffic, the attacks do not provide sufficient
results in a real world environment to warrant the original claims.
[Read More]


Areas of Expertise

Electronic information now plays a vital role in almost every aspect of our daily lives. So the need for a secure and trustworthy online infrastructure is more important than ever. without it, not only the growth of the internet but our personal interactions and the economy itself could be at risk.

Associated Projects