Researchers claim 81% of Tor users can be identified by router information

Internet users who don't want to be tracked have many tools at their disposal. One of the most commonly used tools is Tor. Tor is a free software platform and open network that is designed to allow users to defend against traffic analysis as they surf the web. Users of Tor want to keep their business activities, relationships, and privacy secret. It appears that Tor may have a significant flaw.

A former researcher from the Columbia University Network Security Lab has conducted research that started back in 2008 that indicates traffic flow software built into network routers can be exploited to identify Tor users. The researcher specifically calls out the Cisco Netflow package as software that can be used to unmask Tor users.

The researcher is Professor Sambuddho Chakravarty and he is currently conducting research on Network Anonymity and Privacy at Indraprastha Institute of Technology. To unveil Tor users, the professor used a technique that injects a repeating traffic pattern into the TCP connection associated with an exit node. He then compared resulting aberrations in network timing with traffic flow records generated by Netflow.

That allows him to find specific victim clients. The researcher says that in a lab setting, the success rate of his technology is 100% with network noise and variations reducing efficiency to 81% in live Tor environments.

SOURCE: Slashdot