Skip to main content
SpringerLink
Log in

Security, information, and structure characterization of Tor: a survey

  • Published:
Telecommunication Systems Aims and scope Submit manuscript

Abstract

Content on the World Wide Web that is not indexable by standard search engines defines a category called the deep Web. Dark networks are a subset of the deep Web. They provide services of great interest to users who seek online anonymity during their search on the Internet. Tor is the most widely used dark network around the world. It requires unique application layer protocols and authorization schemes to access. The present evidence reveals that in spite of great efforts to investigate Tor, our understanding is limited to the work on either the information or structure of this network. Also, interplay between information and structure that plays an important role in evaluating socio-technical systems including Tor has not been given the attention it deserves. In this article, we review and classify the present work on Tor to improve our understanding of this network and shed light on the new directions to evaluate Tor. The related work can be categorized into proposals that (1) study the security and privacy on Tor, (2) characterize Tor’s structure, (3) evaluate the information hosted on Tor, and (4) review the related work on Tor from 2014 to the present.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2

Similar content being viewed by others

Data availability

Not applicable

Code Availability

Not applicable

Notes

  1. At the time of this work, the number of Tor relays reported on the website of original Tor project was 6727.

References

  1. Hu, F., Mostashari, A., & Xie, J. (2010). Socio-technical networks: Science and engineering design. New York: CRC Press.

    Book  Google Scholar 

  2. Ikeda, K., & Yasuda, Y. (2015). Social networks. The International Encyclopedia of Political Communication, pages 1–8.

  3. Hernández, I., Rivero, C. R., & Ruiz, D. (2019). Deep web crawling: A survey. World Wide Web, 22(4), 1577–1610.

    Article  Google Scholar 

  4. Chertoff, M., & Simon, T. (2015). The impact of the dark web on internet governance and cyber security. GCIG Paper Series, (6).

  5. Henri, V. (2017). The dark web: Some thoughts for an educated debate. Canadian Journal of Law and Technology, 15(1).

  6. Clarke, I., Sandberg, O., Toseland, M., & Verendel, V. (2010). Private communication through a network of trusted connections: The dark freenet. Network.

  7. Döpmann, C., Fiedler, F., Lucia, S., & Tschorsch, F. (2021) Towards optimization-based predictive congestion control for the tor network. Electronic Communications of the EASST, 80.

  8. Huete Trujillo, D. L., & Ruiz-Martínez, A. (2021). Tor hidden services: A systematic literature review. Journal of Cybersecurity and Privacy, 1(3), 496–518.

    Article  Google Scholar 

  9. Steinebach, M., Schäfer, M., Karakuz, A., Brandl, K., & Yannikos, Y. (2019). Detection and analysis of tor onion services. In Proceedings of the 14th International Conference on Availability, Reliability and Security, (pp. 1–10).

  10. Huete Trujillo, D.L., & Ruiz-Martínez, A. (2021). Tor hidden services: A systematic literature review. Preprints.

  11. Loesing, K., Murdoch, S.J., & Dingledine, R. (2010). A case study on measuring statistical data in the tor anonymity network. In International Conference on Financial Cryptography and Data Security, (pp. 203–215).

  12. Lee, L., Fifield, D., Malkin, N., Iyer, G., Egelman, S., & Wagner, D. (2016). Tor’s usability for censorship circumvention. PhD thesis, Ph. D. dissertation, Master’s thesis, EECS Department, University of California, Berkeley.

  13. Harborth, D., & Pape, S. (2020). How privacy concerns, trust and risk beliefs, and privacy literacy influence users’ intentions to use privacy-enhancing technologies: The case of tor. ACM SIGMIS Database: The DATABASE for Advances in Information Systems, 51(1), 51–69.

    Article  Google Scholar 

  14. Zhang, Y., Zeng, S., Huang, C.-N., Fan, L., Yu, X., Dang, Y., Larson, C.A., Denning, D., Roberts, N., & Chen, H. (2010). Developing a dark web collection and infrastructure for computational and social sciences. In International Conference on Intelligence and Security Informatics, (pp 59–64).

  15. Celestini, A., Me, G., & Mignone, M. (2017). Tor marketplaces exploratory data analysis: the drugs case. In International conference on global security, safety, and sustainability, (pp 218–229). Springer.

  16. Dolliver, D. S., Ericson, S. P., & Love, K. L. (2018). A geographic analysis of drug trafficking patterns on the tor network. Geographical Review, 108(1), 45–68.

    Article  Google Scholar 

  17. Harviainen, J.T., Haasio, A., & Hämäläinen, L. (2020). Drug traders on a local dark web marketplace. In Proceedings of the 23rd International Conference on Academic Mindtrek, (pp. 20–26).

  18. Haasio, A., Harviainen, J. T., & Savolainen, R. (2020). Information needs of drug users on a local dark web marketplace. Information Processing & Management, 57(2), 102080.

    Article  Google Scholar 

  19. Yannikos, Y., Heeger, J., & Brockmeyer, M. (2019). An analysis framework for product prices and supplies in darknet marketplaces. In Proceedings of the 14th International Conference on Availability, Reliability and Security, (pp. 1–7).

  20. Xu, J., & Chen, H. (2008). The topology of dark networks. Communications of the ACM, 51(10), 58–65.

    Article  Google Scholar 

  21. Sanchez-Rola, I., Balzarotti, D., & Santos, I. (2017). The onions have eyes: A comprehensive structure and privacy analysis of tor hidden services. In Proceeding of the 26th International Conference on World Wide Web, (pp. 1251–1260).

  22. Jadoon, A. K., Iqbal, W., Amjad, M. F., Afzal, H., & Bangash, Y. A. (2019). Forensic analysis of tor browser: A case study for privacy and anonymity on the web. Forensic science international, 299, 59–73.

    Article  Google Scholar 

  23. McCoy, D., Bauer, K., Grunwald, D., Kohno, T., & Sicker, D. (2008). Shining light in dark places: Understanding the tor network. In Privacy Enhancing Technologies, (pp 63–76).

  24. Biryukov, A., Pustogarov, I., & Weinmann, R.-P. (2013). Trawling for tor hidden services: Detection, measurement, deanonymization. In Symposium on Security and Privacy, (pp. 80–94).

  25. Biryukov, A., & Pustogarov, I. (2015). Bitcoin over tor is not a good idea. In 2015 IEEE Symposium on Security and Privacy, (pp. 122–134).

  26. Cambiaso, E., Vaccari, I., Patti, L., & Aiello, M. (2019). Darknet security: A categorization of attacks to the tor network. In Italian Conference on Cyber Security.

  27. Bauer, K., McCoy, D., Grunwald, D., Kohno, T., & Sicker, D. (2007). Low-resource routing attacks against tor. In Proceeding of the 2007 ACM workshop on Privacy in Electronic Society, (pp. 11–20).

  28. Amirali, S., & Guevara, N. (2017). Off-path man-in-the-middle attack on tor hidden services. NESD: New England Security Day.

  29. Sanatinia, A., Park, J., Blass, E.-O., Mohaisen, A., & Noubir, G. (2019). A privacy-preserving longevity study of tor hidden services. arXiv preprint arXiv:1909.03576.

  30. Iliou, C., Kalpakis, G., Tsikrika, T., Vrochidis, S., & Kompatsiaris, I. (2016). Hybrid focused crawling for homemade explosives discovery on surface and dark web. In 11th International Conference on Availability, Reliability and Security, (pp. 229–234).

  31. Chen, H., Chung, W., Qin, J., Reid, E., Sageman, M., & Weimann, G. (2008). Uncovering the dark web: A case study of jihad on the web. Journal of the American Society for Information Science and Technology, 59(8), 1347–1359.

    Article  Google Scholar 

  32. Bernaschi, M., Celestini, A.,Guarino, S., Lombardi, F., & Mastrostefano, E. (2019). Spiders like onions: on the network of tor hidden services. In The World Wide Web Conference, (pp. 105–115).

  33. Zabihimayvan, M., Sadeghi, R., Kadariya, D., & Doran, D. (2020). Interaction of structure and information on tor. In International Conference on Complex Networks and Their Applications, (pp. 296–307). Springer.

  34. Tor metrics, (2021).

  35. Wails, R., Johnson, A., Starin, D., Yerukhimovich, A., & Gordon, S.D. (2019). Stormy: Statistics in tor by measuring securely. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, (pp. 615–632).

  36. Basyoni, L., Erbad, A., Alsabah, M., Fetais, N., Mohamed, A., & Guizani, M. (2021). Quictor: Enhancing tor for real-time communication using quic transport protocol. IEEE Access, 9, 28769–28784.

    Article  Google Scholar 

  37. Owen, G., & Savage, N. (2016). Empirical analysis of tor hidden services. IET Information Security, 10(3), 113–118.

    Article  Google Scholar 

  38. Huang, X.-l, Dong, Y.-x, Jiao, K.-x, & Ye, G.-d. (2020). Asymmetric pixel confusion algorithm for images based on rsa and arnold transform. Frontiers of Information Technology & Electronic Engineering, 21(12), 1783–1794.

    Article  Google Scholar 

  39. Zabihimayvan, M., & Doran, D. (2022). A first look at references from the dark to the surface web world: a case study in tor. International Journal of Information Security, (pp. 1–17).

  40. Mohaisen, A., & Ren, K. (2017). Leakage of. onion at the dns root: Measurements, causes, and countermeasures. IEEE/ACM Transactions on Networking, 25(5):3059–3072.

  41. Rajawat, A.S., Rawat, R., Barhanpurkar, K., Shaw, R.N., & Ghosh, A. (2021). Vulnerability analysis at industrial internet of things platform on dark web network using computational intelligence. Computationally Intelligent Systems and their Applications, (pp. 39–51).

  42. Wang, R., Yang, Z., Li, K., Chen, C., & Chen, Y. (2021). Research on tor-based anonymous ddos attack. In MATEC Web of Conferences, 336, (pp. 08007). EDP Sciences.

  43. Steinebach, M., Zenglein, S., & Brandl, K. (2021). Phishing detection on tor hidden services. Forensic Science International: Digital Investigation, 36, 301117.

    Google Scholar 

  44. Cherubin, G., Jansen, R., & Troncoso, C. (2022). Online website fingerprinting: Evaluating website fingerprinting attacks on tor in the real world. In 31st USENIX Security Symposium (USENIX Security 22), (pp. 753–770).

  45. Dalvi, A., Kulkarni, P., Kore, A., & Bhirud, S.G. (2023). Dark web crawling for cybersecurity: Insights into vulnerabilities and ransomware discussions. In 2023 2nd International Conference for Innovation in Technology (INOCON), (pp 1–6). IEEE.

  46. Bernaschi, M., Celestini, A., Guarino, S., & Lombardi, F. (2017). Exploring and analyzing the tor hidden services graph. ACM Transactions on the Web, 11(4), 24.

    Article  Google Scholar 

  47. Burda, P., Boot, C., & Allodi, L. (2019). Characterizing the redundancy of darkweb. onion services. In Proceeding of the 14th International Conference on Availability, Reliability and Security, (pp. 19).

  48. Griffith, V., Xu, Y., & Ratti, C. (2017). Graph theoretic properties of the darkweb. arXiv preprint arXiv:1704.07525.

  49. Dolliver, D. S., & Kuhns, J. B. (2016). The presence of new psychoactive substances in a tor network marketplace environment. Journal of Psychoactive Drugs, 48(5), 321–329.

    Article  Google Scholar 

  50. Harviainen, J.T., Haasio, A., Ruokolainen, T., Hassan, L., Siuda, P., Hamari, J. (2021). Information protection in dark web drug markets research. In Proceedings of the 54th Hawaii International Conference on System Sciences, (pp. 4673).

  51. Christin, N. (2013). Traveling the silk road: A measurement analysis of a large anonymous online marketplace. In Proceeding of the 22nd International Conference on World Wide Web, (pp. 213–224).

  52. Dolliver, D. S. (2015). Evaluating drug trafficking on the tor network: Silk road 2, the sequel. International Journal of Drug Policy, 26(11), 1113–1123.

    Article  Google Scholar 

  53. Alaidi, A.H.M, Roa’a, M., ALRikabi, H.T.S., Aljazaery, I.A., Abbood, S.H. (2022). Dark web illegal activities crawling and classifying using data mining techniques. iJIM, 16(10):123.

  54. Kloess, J.A., & van der Bruggen, M. (2023). Trust and relationship development among users in dark web child sexual exploitation and abuse networks: A literature review from a psychological and criminological perspective. Trauma, Violence, & Abuse, 24(3):1220–1237.

  55. Holt, T. J., & Lee, J. R. (2023). A crime script model of dark web firearms purchasing. American journal of criminal justice, 48(2), 509–529.

    Article  Google Scholar 

  56. Mörch, C.-M., Côté, L.-P., Corthésy-Blondin, L., Dargis, Luc, Plourde-Léveillé, L., & Mishara, B. L. (2018). The darknet and suicide. Journal of Affective Disorders, 241, 127–132.

    Article  Google Scholar 

  57. Woodhams, J., Kloess, J.A., Jose, B., & Hamilton-Giachritsis, C.E. (2021). Characteristics and behaviors of anonymous users of dark web platforms suspected of child sexual offenses. Frontiers in Psychology, 12.

  58. Samtani, S., Chai, Y., & Chen, H. (2021). Linking exploits from the dark web to known vulnerabilities for proactive cyber threat intelligence: An attention-based deep structured semantic model. Forthcoming at MIS Quarterly.

  59. Scrivens, R., Gaudette, T., Davies, G., & Frank, R. (2019). Searching for extremist content online using the dark crawler and sentiment analysis. Methods of Criminology and Criminal Justice Research, (pp. 179–194).

  60. Ghosh, S., Das, A., Porras, P., Yegneswaran, V., & Gehani, A. (2017). Automated categorization of onion sites for analyzing the darkweb ecosystem. In Proceeding of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, (pp. 1793–1802).

  61. Biryukov, A., Pustogarov, I., Thill, F., & Weinmann, R.-P. (2014). Content and popularity analysis of tor hidden services. In 34th International Conference on Distributed Computing Systems Workshops, (pp. 188–193).

  62. Faizan, M., & Khan, R.A. (2019). Exploring and analyzing the dark web: A new alchemy. First Monday.

  63. Zabihimayvan, M., Sadeghi, R., Doran, D., & Allahyari, M. (2019). A broad evaluation of the tor english content ecosystem. In Proceeding of the 10th ACM Conference on Web Science, (pp. 333–342).

  64. Bergman, J., & Popov, O.B. (2023). Exploring dark web crawlers: A systematic literature review of dark web crawlers and their implementation. IEEE Access.

  65. Prabha, C., Mittal, A. (2023). Dark web: A review on the deeper side of the web. In 2022 OPJU International Technology Conference on Emerging Technologies for Sustainable Development (OTCON), (pp. 1–6). IEEE.

  66. Bian, J., Cao, C., Wang, L.,Ye, J., Zhao, Y., & Tang, C. (2021). Tor hidden services discovery and analysis: A literature survey. In Journal of Physics: Conference Series, volume 1757, (pp. 012162). IOP Publishing.

  67. Gupta, A., Maynard, S.B., & Ahmad, A. (2019). The dark web phenomenon: A review and research agenda. In Australasian Conference on Information Systems.

  68. Rawat, R., Rajawat, A.S., Mahor, V., Shaw, R.N., & Ghosh, A. (2021). Dark web-onion hidden service discovery and crawling for profiling morphing, unstructured crime and vulnerabilities prediction. In Innovations in Electrical and Electronic Engineering, (pp. 717–734). Springer.

  69. Ngo, F. T., Marcum, C., & Belshaw, S. (2023). The dark web: What is it, how to access it, and why we need to study it. Journal of Contemporary Criminal Justice, 39(2), 160–166.

    Article  Google Scholar 

  70. Sultana, J., & Jilani, A.K. (2021). Exploring and analysing surface, deep, dark web and attacks. In Security Incidents & Response Against Cyber Attacks, (pp. 85–96). Springer.

  71. Conrad, B., & Shirazi, F. (2014). A survey on tor and i2p. In Ninth International Conference on Internet Monitoring and Protection (ICIMP2014), (pp. 22–28).

  72. Aminuddin, M. A. I. M., Zaaba, Z. F., Singh, M. K. M., & Singh, D. S. M. (2018). A survey on tor encrypted traffic monitoring. International Journal of Advanced Computer Science and Applications, 9(8), 113–120.

    Article  Google Scholar 

  73. Kaur, S., & Randhawa, S. (2020). Dark web: A web of crimes. Wireless Personal Communications, 112(4), 2131–2158.

    Article  Google Scholar 

  74. Davis, S., & Arrigo, B. (2021). The dark web and anonymizing technologies: legal pitfalls, ethical prospects, and policy directions from radical criminology (pp. 1–20). Law and Social Change: Crime.

    Google Scholar 

  75. Saleh, S., Qadir, J., & Ilyas, M. U. (2018). Shedding light on the dark corners of the internet: A survey of tor research. Journal of Network and Computer Applications, 114, 1–28.

    Article  Google Scholar 

  76. Basyoni, L., Fetais, N., Erbad, A., Mohamed, A., & Guizani, M. (2020). Traffic analysis attacks on tor: a survey. In 2020 IEEE International Conference on Informatics, IoT, and Enabling Technologies (ICIoT), (pp. 183–188). IEEE.

  77. Karunanayake, I., Ahmed, N., Malaney, R., Islam, R., & Jha, S. K. (2021). De-anonymisation attacks on tor: A survey. IEEE Communications Surveys & Tutorials.

  78. AlSabah, M., & Goldberg, I. (2016). Performance and security improvements for tor: A survey. ACM Computing Surveys (CSUR), 49(2), 1–36.

    Article  Google Scholar 

Download references

Acknowledgements

The statements made herein are solely the responsibility of the authors. The authors appreciate the anonymous reviewers for their useful feedback regarding this article. Thanks should also go to Dr. Reza Sadeghi with his constructive criticism of the manuscript.

Funding

Not applicable

Author information

Authors and Affiliations

  1. Central Connecticut State University, New Britain, CT, USA

    Mahdieh Zabihimayvan

  2. Marist College, Poughkeepsie, NY, USA

    Reza Sadeghi

  3. LLC, Tenet 3, Dayton, OH, USA

    Derek Doran

Authors
  1. Mahdieh Zabihimayvan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Reza Sadeghi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Derek Doran
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mahdieh Zabihimayvan.

Ethics declarations

Conflict of interest

On behalf of all authors, the corresponding author states that there is no conflict of interest.

Ethics approval

The manuscript in part or in full has not been submitted or published anywhere.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Zabihimayvan, M., Sadeghi, R. & Doran, D. Security, information, and structure characterization of Tor: a survey. Telecommun Syst (2024). https://doi.org/10.1007/s11235-024-01149-y

Download citation

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s11235-024-01149-y

Keywords

Search

Navigation