Many recent proposals for anonymous communication omit from their security analyses a consideration of the effects of time on important system components. In practice, many components of anonymity systems, such as the client location and network structure, exhibit changes and patterns over time. In this paper, we focus on the effect of such temporal dynamics on the security of anonymity networks. We present Tempest, a suite of novel attacks based on (1) client mobility, (2) usage patterns, and (3) changes in the underlying network routing. Using experimental analysis on real-world datasets, we demonstrate that these temporal attacks degrade user privacy across a wide range of anonymity networks, including deployed systems such as Tor; pathselection protocols for Tor such as DeNASA, TAPS, and Counter-RAPTOR; and network-layer anonymity protocols for Internet routing such as Dovetail and HORNET. The degradation is in some cases surprisingly severe. For example, a single host failure or network route change could quickly and with high certainty identify the client’s ISP to a malicious host or ISP. The adversary behind each attack is relatively weak – generally passive and in control of one network location or a small number of hosts. Our findings suggest that designers of anonymity systems should rigorously consider the impact of temporal dynamics when analyzing anonymity.
 Masoud Akhoondi, Curtis Yu, and Harsha V. Madhyastha. LASTor: A low-latency AS-aware Tor client. In IEEE S&P, 2012.
 Alexa top 500 sites. https://www.alexa.com/topsites, 2017.
 Michael Backes, Sebastian Meiser, and Marcin Slowik. Your Choice MATor(s): Large-scale quantitative anonymity assessment of Tor path selection algorithms against structural attacks. PoPETs, 2016(2), 2016.
 Armon Barton and Matthew Wright. DeNASA: Destinationnaive AS-awareness in anonymous communications. PoPETs, 2016(4), 2016.
 Oliver Berthold, Hannes Federrath, and Stefan Köpsell. Web MIXes: A system for anonymous and unobservable Internet access. In Design Issues in Anonymity and Unobservability, 2000.
 C.M. Bishop. Pattern Recognition and Machine Learning. 2006.
 Nikita Borisov, George Danezis, Prateek Mittal, and Parisa Tabriz. Denial of service or denial of security? In ACM CCS, 2007.
 Philippe Boucher, Adam Shostack, and Ian Goldberg. Freedom systems 2.0 architecture. Technical report, Zero Knowledge Systems, Inc., 2000.
 CAIDA AS Ranking. http://as-rank.caida.org/.
 CAIDA Data. http://www.caida.org/data.
 Chen Chen, Daniele E. Asoni, David Barrera, George Danezis, and Adrian Perrig. HORNET: High-speed onion routing at the network layer. In ACM CCS, 2015.
 Chen Chen and Adrian Perrig. PHI: path-hidden lightweight anonymity protocol at network layer. PoPETs, 2017(1), 2017.
 Eunjoon Cho, Seth A Myers, and Jure Leskovec. Friendship and mobility: user movement in location-based social networks. In ACM KDD, 2011.
 Country Report. https://ipinfo.io/countries/, 2017.
 George Danezis and Andrei Serjantov. Statistical disclosure or intersection attacks on anonymity systems. In IH, 2004.
 George Danezis and Carmela Troncoso. Vida: How to use bayesian inference to de-anonymize persistent communications. In PETS, 2009.
 George Danezis and Carmela Troncoso. You cannot hide for long: De-anonymization of real-world dynamic behaviour. In ACM WPES, 2013.
 Roger Dingledine, Nick Mathewson, and Paul Syverson. Tor: The second-generation onion router. In USENIX Security, 2004.
 Matthew Edman and Paul Syverson. AS-awareness in Tor path selection. In ACM CCS, 2009.
 Tariq Elahi, Kevin Bauer, Mashael AlSabah, Roger Dingledine, and Ian Goldberg. Changing of the guards: A framework for understanding and improving entry guard selection in Tor. In ACM WPES, 2012.
 Nathan S. Evans, Roger Dingledine, and Christian Grothoff. A practical congestion attack on Tor using long paths. In USENIX Security, 2009.
 Nick Feamster and Roger Dingledine. Location diversity in anonymity networks. In ACM WPES, 2004.
 Phillipa Gill, Michael Schapira, and Sharon Goldberg. Modeling on quicksand: Dealing with the scarcity of ground truth in interdomain routing data. SIGCOMM CCR, 42(1), 2012.
 P. Brighten Godfrey, Igor Ganichev, Scott Shenker, and Ion Stoica. Pathlet routing. In ACM SIGCOMM, 2009.
 David M. Goldschlag, Michael G. Reed, and Paul F. Syverson. Hiding Routing Information. In IH, 1996.
 Jamie Hayes and George Danezis. Guard sets for onion routing. PoPETs, 2015(2), 2015.
 Jamie Hayes and George Danezis. k-fingerprinting: A robust scalable website fingerprinting technique. In USENIX Security, 2016.
 Michael Herrmann and Christian Grothoff. Privacy implications of performance-based peer selection by onion routers: A real-world case study using i2p. In PETS, 2011.
 Nicholas Hopper, Eugene Y. Vasserman, and Eric Chan-Tin. How much anonymity does network latency leak? ACM TISSEC, 13(2), 2010.
 Hsu-Chun Hsiao, Tiffany Hyun-Jin Kim, Adrian Perrig, Akira Yamada, Sam Nelson, Marco Gruteser, and Wei Ming. LAP: Lightweight anonymity and privacy. In IEEE S&P, 2012.
 Otto Huhta. Linking Tor circuits. Master’s thesis, UCL, 2014.
 Aaron Jaggard and Paul Syverson. Oft target: Tor adversary models that don’t miss the mark. In HotPETs, 2017.
 Aaron D. Jaggard and Paul Syverson. Onions in the crosshairs: When The Man really is out to get you. In ACM WPES, 2017.
 Rob Jansen, Florian Tschorsch, Aaron Johnson, and Björn Scheuermann. The sniper attack: Anonymously deanonymizing and disabling the Tor network. In ISOC NDSS, 2014.
 Aaron Johnson, Rob Jansen, Aaron D. Jaggard, Joan Feigenbaum, and Paul Syverson. Avoiding The Man on the Wire: Improving Tor’s security with trust-aware path selection. In ISOC NDSS, 2017.
 Aaron Johnson, Paul Syverson, Roger Dingledine, and Nick Mathewson. Trust-based anonymous communication: Adversary models and routing algorithms. In ACM CCS, 2011.
 Aaron Johnson, Chris Wacek, Rob Jansen, Micah Sherr, and Paul Syverson. Users get routed: Traffic correlation on Tor by realistic adversaries. In ACM CCS, 2013.
 Joshua Juen. Protecting anonymity in the presence of autonomous system and internet exchange level adversaries. Master’s thesis, UIUC, 2012.
 Joshua Juen, Aaron Johnson, Anupam Das, Nikita Borisov, and Matthew Caesar. Defending Tor from network adversaries: A case study of network path prediction. PoPETs, 2015(2), 2015.
 Dogan Kedogan, Dakshi Agrawal, and Stefan Penz. Limits of anonymity in open environments. In IH, 2003.
 Dogan Kesdogan, Jan Egner, and Roland Büschkes. Stopand- go MIXes: Providing probabilistic anonymity in an open system. In IH, 1998.
 Z. Morley Mao, Lili Qiu, Jia Wang, and Yin Zhang. On AS-level path inference. In ACM SIGMETRICS, 2005.
 Nick Mathewson and Roger Dingledine. Practical traffic analysis: Extending and resisting statistical disclosure. In PETS, 2004.
 Prateek Mittal, Ahmed Khurshid, Joshua Juen, Matthew Caesar, and Nikita Borisov. Stealthy traffic analysis of low-latency anonymous communication using throughput fingerprinting. In ACM CCS, 2011.
 Steven J. Murdoch. Hot or not: Revealing hidden services by their clock skew. In ACM CCS, 2006.
 Steven J. Murdoch and George Danezis. Low-cost traffic analysis of Tor. In IEEE S&P, 2005.
 Steven J. Murdoch and Piotr Zielinski. Sampled traffic analysis by Internet-exchange-level adversaries. In PETS, 2007.
 Malik Sajjad Ahmed Nadeem, Jean-Daniel Zucker, and Blaise Hanczar. Accuracy-rejection curves (arcs) for comparing classification methods with a reject option. In Machine Learning in Systems Biology, 2009.
 Rishab Nithyanand, Oleksii Starov, Phillipa Gill, Adva Zair, and Michael Schapira. Measuring and mitigating AS-level adversaries against Tor. In ISOC NDSS, 2016.
 Lasse Øverlier and Paul Syverson. Locating hidden servers. In IEEE S&P, 2006.
 Jean-François Raymond. Traffic analysis: Protocols, attacks, design issues, and open problems. In Design Issues in Anonymity and Unobservability, 2001.
 Michael Reiter and Aviel Rubin. Crowds: Anonymity for web transactions. ACM TISSEC, 1(1), 1998.