The main function of the Tor (onion routing) anonymity network is to protect the privacy of users on the Internet. In addition to hiding the client's IP address, it can serve as a tool for getting past environments where information is blocked, filtered or monitored, allowing users to communicate covertly and securely.

In this thesis, our main research goal is to understand which potential security risks and vulnerability threats users encounter when they use the Tor anonymity network. To answer this question, we approach it from the attacker's point of view: using the system architecture of the Tor anonymity network combined with the concept of a man-in-the-middle attack, we design and implement an experimental system architecture that works in practice, is highly covert, and can passively launch attacks against clients.

Based on the research process and the experimental results of this thesis, we discuss the scope of impact of the experimental system architecture and, using the final experimental data, analyze the security of the Tor anonymity network and its potential security threats and risks. Finally, we discuss the currently available defense methods and directions for future research, and conclude the thesis.