Recently, the possibility of de-anonymizing users on the Tor network has been widely discussed online. The team behind the project asserts that the false positive rate makes such attacks worthless. According to research done by a professor at the Indraprastha Institute of Information Technology in Delhi, traffic analysis based on data gathered by Cisco routers can reveal the IP addresses of 81% of Tor users.
False Positive Rate – Important for the Research
Professor Sambuddho Chakravarty reports that all anonymous sources were precisely revealed during the tests run in a laboratory environment. Tests conducted in the wild showed 81.4% accuracy. The recorded false negative rate was 12.2% and the false positive rate was 6.4%. According to the Tor Project leader, Roger Dingledine, the 6.4% false positive rate is highly significant, as it shows that a large-scale attack would be rather inefficient. Here's what Roger Dingledine said in a blog post on Friday:
“The discussion of false positives is key to this new paper too: Sambuddho’s paper mentions a false positive rate of 6%. That sounds like it means if you see a traffic flow at one side of the Tor network, and you have a set of 100000 flows on the other side and you’re trying to find the match, then 6000 of those flows will look like a match. It’s easy to see how at scale, this ‘base rate fallacy’ problem could make the attack effectively useless,”
The same post also noted that there had been previous traffic confirmation experiments.
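The base-rate arithmetic in the quote above can be worked through in a few lines. This is an added example, not code from the paper or from the Tor Project; the function names are hypothetical, treating the 81.4% accuracy figure as a true positive rate is an assumption, and the example generalizes the quote's single case to several candidate-pool sizes.

```python
import random

def expected_false_matches(decoys, fpr):
    """Non-matching flows that still look like a match."""
    return decoys * fpr

def match_precision(decoys, fpr, tpr):
    """Probability that a flagged flow is the real one, given one real
    flow hidden among `decoys` non-matching flows."""
    return tpr / (tpr + expected_false_matches(decoys, fpr))

def simulate_precision(decoys, fpr, tpr, trials, seed=1):
    """Monte Carlo check of match_precision using a seeded RNG."""
    rng = random.Random(seed)
    true_flags = false_flags = 0
    for _ in range(trials):
        # The single real flow is flagged with probability tpr.
        true_flags += rng.random() < tpr
        # Each decoy flow is flagged independently with probability fpr.
        false_flags += sum(rng.random() < fpr for _ in range(decoys))
    flagged = true_flags + false_flags
    return true_flags / flagged if flagged else 0.0

if __name__ == "__main__":
    FPR = 0.06    # false positive rate used in the quote
    TPR = 0.814   # assumption: the in-the-wild accuracy read as a TPR
    for decoys in (10, 1_000, 100_000):   # constructed pool sizes
        print(f"{decoys:>7} flows: "
              f"{expected_false_matches(decoys, FPR):8.1f} false matches, "
              f"precision {match_precision(decoys, FPR, TPR):.5f}")
    print("simulated, 1000 flows:",
          round(simulate_precision(1_000, FPR, TPR, trials=200), 5))
```

With the quote's 100000 flows, a flagged flow is the real one far less than once in a thousand times, which is why the same classifier gets less useful as the candidate pool grows.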
The Issues with a Large Network
Professor Sambuddho Chakravarty’s research is based on identifying resemblances in the traffic flow patterns that enter and exit the Tor network. The information from NetFlow is not filtered enough, and to compensate for this drawback, the type of attack the researcher proposed requires a server that is controlled by the cyber criminals and “introduces deterministic perturbations to the traffic of anonymous visitors.”
According to Dingledine, the amount of the Internet controlled by the attackers is of great importance because it is directly tied to the project’s efficiency and the required budget. The larger the network, the less successful the attack.
The Tor Project leader assures users that they have nothing to worry about at this point and that their anonymity will be preserved.