@inproceedings{1536c60225a64960afe231d2d69c7508,
title = "Know Your Victim: Tor Browser Setting Identification via Network Traffic Analysis",
abstract = "Network traffic analysis (NTA) is widely researched to fingerprint users' behavior by analyzing network traffic with machine learning algorithms. It has introduced new lines of de-anonymizing attacks [1] in the Tor network, inclusive of Website Fingerprinting (WF) and Hidden Service Fingerprinting (HSF). Previous work [4] observed that the Tor browser version may affect network traffic and claimed that having identical browsing settings between the users and adversaries is one of the challenges in WF and HSF. Based on this observation, we propose a NTA method to identify users' browser settings in the Tor network. We confirm that browser settings have notable impacts on network traffic and create a classifier to identify the browser settings. The classifier can establish over 99% accuracy under the closed-world assumption. The open-world assumption results indicate classification success except for one security setting option. Last, we provide our observations and insights through feature analysis and changelog inspection.",
keywords = "Tor, anonymity, network traffic analysis, privacy",
author = "Chang, {Chun Ming} and Hsiao, {Hsu Chun} and Timothy Lynar and Tatsuya Mori",
note = "Funding Information: This research was supported in part by the Ministry of Science and Technology of Taiwan under grants MOST 109-2636-E-002-021 and 110-2628-E-002-002. Publisher Copyright: {\textcopyright} 2022 ACM.; 31st ACM Web Conference, WWW 2022 ; Conference date: 25-04-2022",
year = "2022",
month = apr,
day = "25",
doi = "10.1145/3487553.3524244",
language = "English",
series = "WWW 2022 - Companion Proceedings of the Web Conference 2022",
publisher = "Association for Computing Machinery, Inc",
pages = "201--204",
booktitle = "WWW 2022 - Companion Proceedings of the Web Conference 2022",
}