While anonymity networks like Tor aim to protect the privacy of their users, they are vulnerable to traffic analysis attacks such as Website Fingerprinting (WF) and Flow Correlation (FC). Recent implementations of WF and FC attacks, such as Tik-Tok and DeepCoFFEA, have shown that the attacks can be effectively carried out, threatening user privacy. Consequently, there is a need for effective traffic analysis defense. There are a variety of existing defenses, but most are either ineffective, incur high latency and bandwidth overhead, or require additional infrastructure. As a result, we aim to design a traffic analysis defense that is efficient and highly resistant to both WF and FC attacks. We propose DeTorrent, which uses competing neural networks to generate and evaluate traffic analysis defenses that insert 'dummy' traffic into real traffic flows. DeTorrent operates with moderate overhead and without delaying traffic. In a closed-world WF setting, it reduces an attacker's accuracy by 60.5%, a reduction 9.5% better than the next-best padding-only defense. Against the state-of-the-art FC attacker, DeTorrent reduces the true positive rate for a $10^{-4}$ false positive rate to about .30, which is less than half that of the next-best defense. We also demonstrate DeTorrent's practicality by deploying it alongside the Tor network and find that it maintains its performance when applied to live traffic.

翻译：尽管像Tor这样的匿名网络旨在保护用户隐私，但它们容易受到网站指纹识别（WF）和流关联（FC）等流量分析攻击的威胁。最近的WF和FC攻击实现（如Tik-Tok和DeepCoFFEA）表明，这些攻击可以高效实施，从而威胁用户隐私。因此，亟需一种有效的流量分析防御机制。现有防御手段种类繁多，但大多效果不佳、产生高延迟和带宽开销，或需要额外基础设施。为此，我们旨在设计一种高效且能强力抵抗WF和FC攻击的流量分析防御方案。我们提出DeTorrent，它利用竞争性神经网络生成并评估通过向真实流量中注入“虚假”流量实现的流量分析防御。DeTorrent以适度开销运行，且不延迟流量。在封闭世界WF场景中，它将攻击者的准确率降低60.5%，此降幅比次优的纯填充防御高出9.5%。针对最先进的FC攻击者，DeTorrent将$10^{-4}$误报率下的真正例率降至约0.30，不到次优防御的一半。我们还通过在Tor网络中实际部署DeTorrent展示了其实用性，并发现其在实时流量中仍能保持性能。