AI can detect if a Tor Network surfer is using an Android app (including Facebook, Instagram Twitch and YouTube)

The algorithm works as an anonymization script that does not reveal a user’s real IP address or other details that might make the user’s identity transparent. However, the technique developed by researchers from the Sapienza University of Rome in Italy does reveal if a Tor user is using an Android app.

The research is built on their previous research that was able to assess the TCP packet flows of Tor traffic and separate the traffic from browsing, email, chat, audio streaming, video streaming, file transfers, VoIP, and P2P.

The team of Italian researchers utilized the same principles to detect the patterns of users using certain Android apps.

Then the group developed a machine-learning algorithm that was trained to pinpoint Tor traffic patterns of ten apps that include the Tor Browser Android app, Daily Motion, Facebook, Instagram, Replaio Radio, Skype, Spotify, Twitch, uTorrent and YouTube.

The result of their experiment showed 97.3 percent accuracy.

However, the mechanism is not as perfect as it may seem. Firstly, the practice can only be put in place when the user is using his mobile device with no app, and nothing else.

If multiple apps are opened at the same time, the TCP traffic is jumbled up resulting in lack of efficiency on the algorithm’s part.
Related: How to Disappear From the Internet: A Step-by-Step Guide (infographic)
Another issue with the algorithm is accuracy. For example, streaming-based apps such as Spotify or YouTube are often yielding false results.

The long idle periods on apps such as Instagram, Facebook, and the Tor Browser app are also still not perfect as well.

Experts believe that issues will increase when more apps are added to the experiment.

To read more details about the research paper last month, check out the "Peel the onion". The researchers claim that they plan to release the code of the algorithm too.
Also Read: Anonymity on the Internet - The State Of Virtual Private Network Usage (VPN)
A new study shows that Tor is vulnerable to app de-anonymization attacks on Android smartphones through network traffic analysis.
Photo: Daniel Acker/Bloomberg via Getty Images

Read Next: Artificial Intelligence: Good Versus Evil (infographic)
Previous Post Next Post