Anonymity networks like Tor greatly improve online privacy but are susceptible to correlation attacks from state-level adversaries and Internet censors. To enhance privacy, covert channels encapsulated in media protocols, particularly WebRTC-based encapsulation, have shown promise against passive traffic correlation attacks. However, their effectiveness against active correlation attacks has not been explored, and compatibility with Tor remains limited. This paper introduces TorKameleon, a censorship evasion solution that protects Tor users from passive and active correlation attacks. It incorporates K-anonymization techniques to fragment and reroute traffic through multiple paths formed by multiple proxies and uses covert WebRTC-based channels or TLS tunnels to encapsulate user traffic. The developed prototype has undergone extensive validation for performance and resilience against correlation attacks, showcasing its effectiveness.