While anonymity networks like Tor aim to protect the privacy of their users, they are vulnerable to traffic analysis attacks such as Website Fingerprinting (WF) and Flow Correlation (FC). Recent implementations of WF and FC attacks, such as Tik-Tok and DeepCoFFEA, have shown that the attacks can be effectively carried out, threatening user privacy. Consequently, there is a need for effective traffic analysis defense. There are a variety of existing defenses, but most are either ineffective, incur high latency and bandwidth overhead, or require additional infrastructure. As a result, we aim to design a traffic analysis defense that is efficient and highly resistant to both WF and FC attacks. We propose DeTorrent, which uses competing neural networks to generate and evaluate traffic analysis defenses that insert 'dummy' traffic into real traffic flows. DeTorrent operates with moderate overhead and without delaying traffic. In a closed-world WF setting, it reduces an attacker's accuracy by 61.5%, a reduction 10.5% better than the next-best padding-only defense. Against the state-of-the-art FC attacker, DeTorrent reduces the true positive rate for a $10^{-5}$ false positive rate to about .12, which is less than half that of the next-best defense. We also demonstrate DeTorrent's practicality by deploying it alongside the Tor network and find that it maintains its performance when applied to live traffic.

翻译：尽管Tor等匿名网络旨在保护用户隐私，但其易受网站指纹识别（WF）和流关联（FC）等流量分析攻击的影响。近期Tik-Tok和DeepCoFFEA等WF与FC攻击的实现表明，这些攻击可被有效实施，威胁用户隐私。因此，亟需有效的流量分析防御手段。现有防御方案存在效能不足、引入高延迟与带宽开销，或依赖额外基础设施等问题。为此，我们旨在设计一种高效且能同时抵御WF与FC攻击的流量分析防御机制。我们提出DeTorrent，其利用竞争神经网络生成并评估流量分析防御策略，通过在真实流量中插入“假”流量实现防御。DeTorrent以中等开销运行且不延迟流量。在闭集WF场景下，它使攻击者准确率降低61.5%，比次优的纯填充防御提升10.5%。针对最先进的FC攻击者，DeTorrent将假阳性率为$10^{-5}$时的真阳性率降至约0.12，不足次优防御方案的一半。我们还通过将DeTorrent部署于Tor网络验证其实用性，发现其在实时流量中仍能保持防御性能。