TOR

Tor is a tool for navigating the web while making it "extremely difficult" to identify the browser.

It is basically a large set of HTTP proxies. The browser sends an HTTP request to a proxy along with a description of the route to follow within the set; the request travels along the set in such a way that each proxy knows only the next step; eventually one proxy will send the HTTP request to the destination web server.

One of the many complications is that the corresponding HTTP response will have to reach the corresponding browser, still guaranteeing that nobody (including the web server and each proxy) can identify that browser.
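The "each proxy knows only the next step" property comes from wrapping the request in one encryption layer per proxy. The sketch below is an added illustration, not code from Tor or from the papers listed here. It assumes the browser already shares a key with each relay, uses constructed relay names, and uses a SHA-256 counter-mode stand-in cipher instead of Tor's real cell format.

```python
# Toy onion routing: one encryption layer per relay (illustration, not Tor's cell format).
import hashlib, hmac, json, os

ROUTE = ["guard", "middle", "exit"]          # constructed relay names
KEYS = {r: os.urandom(32) for r in ROUTE}    # assumption: client already shares a key with each relay

def keystream(key, nonce, n):
    # SHA-256 in counter mode as a stand-in stream cipher
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def xor(data, key, nonce):
    return bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))

def seal(key, plaintext):
    enc, mac = hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()
    nonce = os.urandom(16)
    ct = xor(plaintext, enc, nonce)
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    enc, mac = hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("layer was not encrypted for this relay")
    return xor(ct, enc, nonce)

def build_onion(route, keys, destination, request):
    # Wrap from the inside out: the exit's layer first, the guard's layer last.
    next_hops = route[1:] + [destination]
    payload = request
    for relay, nxt in zip(reversed(route), reversed(next_hops)):
        layer = json.dumps({"next": nxt, "data": payload.hex()}).encode()
        payload = seal(keys[relay], layer)
    return payload

def peel(relay, keys, blob):
    # What a single relay can do: remove its own layer, learn only the next hop.
    layer = json.loads(unseal(keys[relay], blob))
    return layer["next"], bytes.fromhex(layer["data"])

def relay_views(route, keys, onion):
    views, blob = {}, onion
    for relay in route:
        views[relay], blob = peel(relay, keys, blob)
    return views, blob   # blob is now the plaintext request, visible to the exit relay

if __name__ == "__main__":
    req = b"GET / HTTP/1.1\r\nHost: example.org\r\n\r\n"
    print(relay_views(ROUTE, KEYS, build_onion(ROUTE, KEYS, "example.org", req)))
```

Only the last relay sees the destination and the plaintext request, and only the first one sees who sent the onion; no single relay sees both.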

Seeking Anonymity in an Internet Panopticon
Communications of the ACM, October 2015, Vol. 58 No. 10, Pages 58-69
https://cacm.acm.org/magazines/2015/10/192387-seeking-anonymity-in-an-internet-panopticon/fulltext

This is an academic paper that describes a research project for developing an alternative to Tor. The first part describes in a concise but very accurate and precise way what "onion routing" is and how Tor works.

Technical and Legal Overview of the Tor Anonymity Network
CCDCOE (The NATO Cooperative Cyber Defence)
https://ccdcoe.org/library/publications/technical-and-legal-overview-of-the-tor-anonymity-network/

The title says it all. The description is much more detailed than the one in the previous paper.

Update March 2022

Alert (AA20-183A) Defending Against Malicious Cyber Activity Originating from Tor

Tor obfuscates the location of the user. Given an HTTP request arriving at a web server, determining which browser originated that request is "extremely difficult". It is no surprise that web attackers sometimes hide behind Tor. This alert by the Dept. of Homeland Security of the US describes one such attack campaign and what defenders should do.

The FBI Used the Web's Favorite Hacking Tool to Unmask Tor Users

Unmasking Tor users is not impossible. With a lot of time, effort and skill, Tor users might be unmasked. This paper illustrates a successful effort led by the FBI.

How Malicious Tor Relays are Exploiting Users in 2020 (Part I)

Since Tor proxies are basically MITM entities, it is no surprise that one might want to actually act as a MITM attacker in Tor, thereby affecting all the Tor traffic that happens to travel through the corresponding proxy. This paper analyzes a large attack campaign of this kind. According to the author, in certain periods approximately 20% of Tor "exit nodes" (i.e., proxies from which traffic leaves the Tor network toward the intended web server destination) were controlled by an attacker. I cannot certify the quality of this analysis.

