Anonymity networks are becoming increasingly popular in today’s online world as more users attempt to safeguard their online privacy. Tor is currently the most popular anonymity network in use and provides anonymity to both users and services (hidden services). However, the anonymity provided by Tor is also being misused in various ways. Hosting illegal sites for selling drugs, hosting command and control servers for botnets, and distributing censored content are but a few such examples. As a result, various parties, including governments and law enforcement agencies, are interested in attacks that assist in de-anonymising the Tor network, disrupting its operations, and bypassing its censorship circumvention mechanisms. In this survey paper, we review known Tor attacks and identify current techniques for the de-anonymisation of Tor users and hidden services. We discuss these techniques and analyse the practicality of their execution method. We conclude by discussing improvements to the Tor framework that help prevent the surveyed de-anonymisation attacks.

中文翻译：

---

Tor 的去匿名化攻击：一项调查

随着越来越多的用户试图保护他们的在线隐私，匿名网络在当今的在线世界中变得越来越流行。Tor 是目前最流行的匿名网络，为用户和服务（隐藏服务）提供匿名性。然而，Tor 提供的匿名性也被以各种方式滥用。托管用于销售毒品的非法站点、托管用于僵尸网络的命令和控制服务器以及分发受审查的内容只是其中的几个例子。因此，包括政府和执法机构在内的各方都对有助于对 Tor 网络进行匿名化、破坏其运营和绕过其审查规避机制的攻击感兴趣。在这份调查报告中，我们审查已知的 Tor 攻击并确定当前用于 Tor 用户和隐藏服务去匿名化的技术。我们讨论这些技术并分析其执行方法的实用性。最后，我们讨论了有助于防止所调查的去匿名化攻击的 Tor 框架的改进。