Abstract:Tor Onion Services are a way to host websites and other internet services anonymously. Onion Services are often used to bypass internet censorship and provide information services to users in oppressive regimes. This paper presents an analysis of the security defences deployed on these Onion Services. Onion Services tend to have better security policy than sites on the clear web. However they lag behind in the deployment of HTTPS, a key defence to ensuring the security of users of such services.

What problem does this paper attempt to address?

The problem that this paper attempts to solve is to analyze the security defense measures of Tor Onion Services and compare them with websites on the clear web. Specifically, the main research objectives include: 1. **HTTPS Usage**: Explore whether Onion Services use HTTPS as frequently as other websites. 2. **HTTPS Usage in Single - layer Onion Services**: Research whether single - layer Onion Services use HTTPS as frequently as other hidden services. 3. **TLS Version Usage**: Analyze whether Onion Services use the same TLS versions as the clear web. 4. **Certificate Key Length**: Examine whether Onion Services use the same certificate key length as the clear web. 5. **Extended Validation Certificate Usage**: Research whether Onion Services use extended validation certificates as frequently as other websites. 6. **Strict Transport Security (STS) Usage**: Analyze whether Onion Services use STS as frequently as other websites. 7. **Content Security Policy (CSP) Usage**: Explore whether Onion Services use CSP as frequently as other websites. 8. **Permissions Policy (PP) Usage**: Research whether Onion Services use PP as frequently as other websites. 9. **X - Frame - Options Usage**: Analyze whether Onion Services use X - Frame - Options as frequently as other websites. 10. **X - Content - Type - Options Usage**: Explore whether Onion Services use X - Content - Type - Options as frequently as other websites. 11. **Referer Policy Usage**: Research whether Onion Services use Referer Policy as frequently as other websites. Through these analyses, the paper aims to evaluate the performance of Onion Services in terms of security and privacy protection and identify the differences between them and clear - web websites. This helps to understand the advantages and disadvantages of Onion Services in terms of technical implementation and security configuration, thus providing a basis for improvement.

Hiding in text/plain sight: Security defences of Tor Onion Services

How Do Tor Users Interact With Onion Services?

Genuine onion: Simple, Fast, Flexible, and Cheap Website Authentication

Protecting Onion Service Users Against Phishing

Content and Popularity Analysis of Tor Hidden Services

Guardians of Anonymity: Exploring Tactics to Combat Cyber Threats in Onion Routing Environments

How Unique is Your .onion? An Analysis of the Fingerprintability of Tor Onion Services

Attacks on Onion Discovery and Remedies via Self-Authenticating Traditional Addresses

Updated exploration of the Tor network: advertising, availability and protocols of onion services

Leakage of .onion at the DNS Root

Onions in the Crosshairs: When The Man really is out to get you

A Study on Security Analysis of the Unlinkability in Tor

Distinguishing Tor From Other Encrypted Network Traffic Through Character Analysis

The Anonymity of the Dark Web: A Survey

TorPolice: Towards Enforcing Service-Defined Access Policies in Anonymous Systems

A Comprehensive Analysis of Website Fingerprinting Defenses on Tor

OnionBots: Subverting Privacy Infrastructure for Cyber Attacks

Tracing Tor Hidden Service Through Protocol Characteristics

TorPolice: Towards Enforcing Service-Defined Access Policies for Anonymous Communication in the Tor Network

A Stealthy Attack Against Tor Guard Selection

A Mixed Anonymous System Based on Tor