How to prove that the anonymity of the Onion service has been broken

If the IP addresses of certain onion services can be detected through previously published papers, how can it be proven that these IP addresses are onion services.

Mainly, it’s because a shared service is being hosted.

You can read a couple techniques here and here.

My understanding was that onion services did not get contacted by IP but it stands to reason that if it’s on the internet it must have an IP.

So for the rest of us, which published papers and where do we get to read them?

BTW, I don’t have you answer.

I thought of a way that I can perform a DoS attack on this IP. Then access the onion service corresponding to this IP, and if there is an access timeout or other anomaly, it means that this IP is the IP address of the onion service.

Unfortunately, implementing a DoS attack is costly and I don’t have that kind of money to validate my scenario.

Yes, even if the onion service is deployed on a LAN, the company or organisation it is located in is bound to have an internet IP.

Currently, there are a lot of ways to compromise the Onion service or Tor users (de-anonymisation or DoS). They are publicly published in papers, such as protocol-level watermarking attacks and website fingerprinting attacks.

I don’t think website fingerprinting attacks are reliable when it comes to practical applications, instead, protocol-level watermarking attacks are more practical.

You can search for recent and relevant papers using the website The Keyword is ‘Tor’ or ‘onion’.

I only started reading some articles and can understand not having the resources to validate your scenario. You would need some sort of sponsor or be a millionaire. TKS