Related papers: I've Seen This IP: A Practical Intersection Attack Against Tor Introduction Circuits and Hidden Services

I've Seen This IP: A Practical Intersection Attack Against Tor Introduction Circuits and Hidden Services

URL: http://arxiv.org/abs/2602.23560v1
Date: Fri, 27 Feb 2026 00:05:37 GMT
Title: I've Seen This IP: A Practical Intersection Attack Against Tor Introduction Circuits and Hidden Services
Authors: Nicolas Constantinides,
Abstract summary: We describe a practical attack on Tor introduction circuits that can, over repeated interactions, identify each hop from the introduction point toward the onion service.<n>The attack issues repeated probes and intersects destination IP address sets observed within narrowly defined textttINTRODUCE1--textttRENDEZVOUS2 time windows.<n>We evaluate feasibility with live-network experiments using a self-operated onion service and relays, and we follow data-minimization and ethical safeguards throughout.
Score: 0.0
License: http://creativecommons.org/licenses/by/4.0/
Abstract: Tor onion services rely on long-lived introduction circuits to support anonymous rendezvous between clients and services. Although Tor includes some defenses against traffic analysis, the introduction protocol retains deterministic routing structure that can be leveraged by an adversary. We describe a practical intersection attack on Tor introduction circuits that can, over repeated interactions, identify each hop from the introduction point toward the onion service while requiring observation at only one relay per stage. The attack issues repeated probes and intersects destination IP address sets observed within narrowly defined \texttt{INTRODUCE1}--\texttt{RENDEZVOUS2} time windows, without assuming global visibility or access to packet payloads. We evaluate feasibility with live-network experiments using a self-operated onion service and relays, and we follow data-minimization and ethical safeguards throughout. The results show reliable convergence in practice, with the rate affected by consensus weight, and time-varying background traffic. We also assess practicality under a partial-global adversary model and discuss implications in light of the geographic concentration of Tor relay weight across cooperating jurisdictions.

Related papers

Agentic Spatio-Temporal Grounding via Collaborative Reasoning [80.83158605034465]
Temporal Video Grounding aims to retrieve thetemporal tube of a target object or person in a video given a text query.<n>We propose the Agentic Spatio-Temporal Grounder (ASTG) framework for the task of STVG towards an open-world and training-free scenario.<n>Specifically, two specialized agents SRA (Spatial Reasoning Agent) and TRA (Temporal Reasoning Agent) constructed leveraging on modern Multimoal Large Language Models (MLLMs)<n>Experiments on popular benchmarks demonstrate the superiority of the proposed approach where it outperforms existing weakly-supervised and zero-shot approaches by a margin
arXiv Detail & Related papers (2026-02-10T10:16:27Z)
RECTor: Robust and Efficient Correlation Attack on Tor [3.643753954062602]
RECTor is a machine learning-based framework for traffic correlation under realistic conditions.<n>It achieves up to 60% higher true positive rates under high-noise conditions and reduces training and inference time by over 50%.<n>These findings reveal critical vulnerabilities in Tor's anonymity model and highlight the need for model-aware defenses.
arXiv Detail & Related papers (2025-11-29T10:25:38Z)
A Comprehensive Survey of Website Fingerprinting Attacks and Defenses in Tor: Advances and Open Challenges [16.146321899546216]
The Tor network provides users with strong anonymity by routing their internet traffic through multiple relays.<n>While Tor encrypts traffic and hides IP addresses, it remains vulnerable to traffic analysis attacks such as the website fingerprinting (WF) attack.<n>This paper systematically categorizing existing WF research into three key domains: datasets, attack models, and defense mechanisms.
arXiv Detail & Related papers (2025-10-13T18:03:05Z)
MUFFLER: Secure Tor Traffic Obfuscation with Dynamic Connection Shuffling and Splitting [11.967326811104831]
MUFFLER is a connection-level traffic obfuscation system designed to secure Tor egress traffic.<n>It maps real connections to a distinct set of virtual connections between the final Tor nodes and targeted services.<n>It achieves up to 27x lower latency overhead than existing solutions and seamlessly integrates with the current Tor architecture.
arXiv Detail & Related papers (2025-04-10T08:17:17Z)
Progressive Pruning: Analyzing the Impact of Intersection Attacks [1.8434042562191815]
Stream-based communication poses unique challenges for anonymous communication networks (ACNs)<n>Traditionally designed for independent messages, ACNs struggle to account for the inherent vulnerabilities of streams.<n>We introduce progressive pruning, a novel methodology for quantifying the susceptibility to intersection attacks.
arXiv Detail & Related papers (2024-10-11T10:40:51Z)
EmInspector: Combating Backdoor Attacks in Federated Self-Supervised Learning Through Embedding Inspection [53.25863925815954]
Federated self-supervised learning (FSSL) has emerged as a promising paradigm that enables the exploitation of clients' vast amounts of unlabeled data. While FSSL offers advantages, its susceptibility to backdoor attacks has not been investigated. We propose the Embedding Inspector (EmInspector) that detects malicious clients by inspecting the embedding space of local models.
arXiv Detail & Related papers (2024-05-21T06:14:49Z)
Cooperative Probabilistic Trajectory Forecasting under Occlusion [110.4960878651584]
Occlusion-aware planning often requires communicating the information of the occluded object to the ego agent for safe navigation. In this paper, we design an end-to-end network that cooperatively estimates the current states of occluded pedestrian in the reference frame of ego agent. We show that the uncertainty-aware trajectory prediction of occluded pedestrian by the ego agent is almost similar to the ground truth trajectory assuming no occlusion.
arXiv Detail & Related papers (2023-12-06T05:36:52Z)
Is Stochastic Mirror Descent Vulnerable to Adversarial Delay Attacks? A Traffic Assignment Resilience Study [20.11993437283895]
We show that learning-based INS infrastructures can achieve Wardrop Non-equilibrium even when experiencing a certain period of disruption in the information structure. These findings provide valuable insights for designing defense mechanisms against possible jamming attacks across different layers of the transportation ecosystem.
arXiv Detail & Related papers (2023-04-03T17:28:24Z)
LSTC: Boosting Atomic Action Detection with Long-Short-Term Context [60.60267767456306]
We decompose the action recognition pipeline into short-term and long-term reliance. Within our design, a local aggregation branch is utilized to gather dense and informative short-term cues. Both branches independently predict the context-specific actions and the results are merged in the end.
arXiv Detail & Related papers (2021-10-19T10:09:09Z)
Temporally-Transferable Perturbations: Efficient, One-Shot Adversarial Attacks for Online Visual Object Trackers [81.90113217334424]
We propose a framework to generate a single temporally transferable adversarial perturbation from the object template image only. This perturbation can then be added to every search image, which comes at virtually no cost, and still, successfully fool the tracker.
arXiv Detail & Related papers (2020-12-30T15:05:53Z)
A Self-supervised Approach for Adversarial Robustness [105.88250594033053]
Adversarial examples can cause catastrophic mistakes in Deep Neural Network (DNNs) based vision systems. This paper proposes a self-supervised adversarial training mechanism in the input space. It provides significant robustness against the textbfunseen adversarial attacks.
arXiv Detail & Related papers (2020-06-08T20:42:39Z)

This list is automatically generated from the titles and abstracts of the papers in this site.