Tor is vulnerable to traffic correlation attacks; existing defenses suffer from high overhead and insufficient dynamic obfuscation at the exit relay. This paper proposes a connection-level dynamic obfuscation mechanism that, without active padding or artificial delay injection, virtualizes connections and employs network-state-aware dynamic mapping to real-time transform actual connections into perturbed virtual ones—fully decoupling ingress and egress traffic patterns. Crucially, it achieves the first adaptive, real-time perturbation of exit traffic patterns while maintaining full compatibility with the current Tor protocol stack. Experimental evaluation demonstrates a dramatic reduction in correlation attack detection rate to 1% (false positive rate = 10⁻²), with only 2.17% bandwidth overhead and end-to-end latency reduced to 1/27 of the state-of-the-art solution.

Tor, a widely utilized privacy network, enables anonymous communication but is vulnerable to flow correlation attacks that deanonymize users by correlating traffic patterns from Tor's ingress and egress segments. Various defenses have been developed to mitigate these attacks; however, they have two critical limitations: (i) significant network overhead during obfuscation and (ii) a lack of dynamic obfuscation for egress segments, exposing traffic patterns to adversaries. In response, we introduce MUFFLER, a novel connection-level traffic obfuscation system designed to secure Tor egress traffic. It dynamically maps real connections to a distinct set of virtual connections between the final Tor nodes and targeted services, either public or hidden. This approach creates egress traffic patterns fundamentally different from those at ingress segments without adding intentional padding bytes or timing delays. The mapping of real and virtual connections is adjusted in real-time based on ongoing network conditions, thwarting adversaries' efforts to detect egress traffic patterns. Extensive evaluations show that MUFFLER mitigates powerful correlation attacks with a TPR of 1% at an FPR of 10^-2 while imposing only a 2.17% bandwidth overhead. Moreover, it achieves up to 27x lower latency overhead than existing solutions and seamlessly integrates with the current Tor architecture.