UROP Project

Evaluating Website Fingerprinting in Tor



Daniel Holder

Program Director UROP


+49 241 80-90695


Key Info

Basic Information

Project Offer-Number:
UROP International
Computer Science
Organisation unit:
Communication and Distributed Systems (Informatik 4)
Language Skills:
Fluency in English


The Tor network promises to hide the content and identities of communication partners. However, it is not able to obscure the size, direction and timing of transferred packets. Website fingerprinting attacks exploit this knowledge to infer information about the visited website despite an encrypted and anonymized connection. Recent studies have shown that the attack is more realistic and significantly more effective than thought before. A potential research project targets to improve the attack. E.g., users typically visit multiple pages on the same website. An attacker can exploit this knowledge to better distinguish between websites that show similar network trace characteristics. The exact project topic, methods and outcome will be defined at a later date, depending on our research progress and/or your interests and skills. Our full research expertise and general information on our research environment are available at https://www.comsys.rwth-aachen.de/research/security-and-privacy/ Jan Pennekamp, M.Sc. Jan.pennekamp@comsys.rwth-aachen.de


What we offer: This is a great opportunity for you to actively engage in and contribute to original research in the area of security and privacy in Tor, a field that is rapidly evolving since the global surveillance disclosures took place. RWTH Aachen University offers an excellent, interdisciplinary research environment, which stimulates cooperation between research groups inside and outside the department of computer science. In particular, this project is part of joint work between Brandenburg University of Technology (BTU), and RWTH Aachen University. Therefore, you can experience research collaborations at first hand. Our group is home of a crowd of enthusiastic Bachelor, Master, and PhD students and offers an attractive work environment. For the project, we will provide you with a workplace in one of our project rooms and all other necessary infrastructure. You will interact closely with your supervisor as well as other researchers on a daily basis.


What we expect: Your project will describe a small, independent block of research that you are responsible for, and which you will be able to undertake independently with the help of your supervisor. Research in our group typically consists of the design, implementation, and evaluation of communication systems. For this topic, you should be interested in computer networking, security, and privacy and have solid programming skills, preferably in Python, Java, and/or C/C++. You should also have basic Linux skills. Knowledge on the concepts of secure communication protocols (such as TLS), the Internet of Things, or Tor is a plus but not mandatory. You should have curiosity, an independent working method, and the willingness to bring in and discuss your own ideas and solutions. If you feel interested in this opportunity, we welcome you to apply!