A novel flow multiplication attack against Tor

Tor has become one of the most popular overlay networks for anonymizing TCP traffic. A novel and effective flow multiplication attack against Tor is proposed in this paper, which exploits the fundamental vulnerability of anonymous Web browsing by using a man-in-the-middle attack on client´s HTTP flow. In the flow multiplication attack, whenever a malicious exit onion router detects a Web request to a target server, it responds with a malicious page embedded with specified number of image tags, which will cause the browser to initiate deterministic number of web connections on the same circuit to fetch those images. The entry onion router on the circuit can then find such traffic pattern and the communication relationship between the client and the Web server will be discovered. Even if all active content systems such as JavaScript in the browser are disabled, our attack can still compromise the anonymity of Tor while achieving invisibility by keeping client´s communication running continuously. The experiment results on Tor validate the feasibility and effectiveness of our attack.