Jump to content
Usr6

DEANONYMIZING TOR HIDDEN SERVICE USERS THROUGH BITCOIN TRANSACTIONS ANALYSIS

Recommended Posts

Posted

Abstract

Al Jawaheri, Husam, B, Masters:

June: 2017, Master of Computing

Title: DEANONYMIZING TOR HIDDEN SERVICE USERS THROUGH

BITCOIN TRANSACTIONS ANALYSIS

Supervisor of Thesis: Qutaibah Malluhi

 

With the rapid increase of threats on the Internet, people are continuously

seeking privacy and anonymity. Services such as Bitcoin and Tor were intro-

duced to provide anonymity for online transactions and Web browsing. Due to

its pseudonymity model, Bitcoin lacks retroactive operational security, which

means historical pieces of information could be used to identify a certain user.

We investigate the feasibility of deanonymizing users of Tor hidden services

who rely on Bitcoin as a method of payment. In particular, we correlate the

public Bitcoin addresses of users and services with their corresponding trans-

actions in the Blockchain. In other words, we establish a provable link between

a Tor hidden service and its user by simply showing a transaction between

their two corresponding addresses. This subtle information leakage breaks the

anonymity of users and may have serious privacy consequences, depending on

the sensitivity of the use case.

To demonstrate how an adversary can deanonymize hidden service users by

exploiting leaked information from Bitcoin over Tor, we carried out a real-world

experiment as a proof-of-concept. First, we collected public Bitcoin addresses

of Tor hidden services from their .onion landing pages. Out of 1.5K hidden

services we crawled, we found 88 unique Bitcoin addresses that have a healthy

economic activity in 2017. Next, we collected public Bitcoin addresses from

two channels of online social networks, namely, Twitter and the BitcoinTalk

forum. Out of 5B tweets and 1M forum pages, we found 4.2K and 41K unique

online identities, respectively, along with their public personal information and

Bitcoin addresses. We then expanded the lists of Bitcoin addresses using closure

analysis, where a Bitcoin address is used to identify a set of other addresses that

are highly likely to be controlled by the same user. This allowed us to collect

thousands more Bitcoin addresses for the users. By analyzing the transactions

in the Blockchain, we were able to link up to 125 unique users to various

hidden services, including sensitive ones, such as The Pirate Bay, Silk Road, and

WikiLeaks. Finally, we traced concrete case studies to demonstrate the privacy

implications of information leakage and user deanonymization. In particular,

we show that Bitcoin addresses should always be assumed as compromised and

can be used to deanonymize users.

 

Link: http://qspace.qu.edu.qa/bitstream/handle/10576/5797/Deanonymizing Tor Hidden Service Users Through Bitcoin Transactions Analysis.pdf

  • Upvote 2

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...