University of Veszprem
In this paper, the authors proposed a protocol-level hidden server discovery approach to locate the Tor hidden server that hosts the illegal website. They investigated the Tor hidden server protocol and developed a hidden server discovery system, which consists of a Tor client, a Tor rendezvous point, and several Tor entry onion routers. They manipulate Tor cells, i.e., the basic transmission unit over Tor, at the Tor rendezvous point to generate a protocol-level feature at the entry onion routers. Once their controlled entry onion routers detect such a feature, they can confirm the IP address of the hidden server. They conduct extensive analysis and experiments to demonstrate the feasibility and effectiveness of their approach.