Honestly, having a network that resembles Tor rules out some of the things that can be done to enormously increase anonymity. But even something that looks a lot like Tor can be much more anonymous than Tor. The first step is to reduce the number of entry guards selected by the client, beyond a doubt to two and it is possible that even using only one is the best option. The second step is to increase the number of nodes on a circuit and introduce layered guard nodes. The third step is to greatly reduce the frequency with which guard nodes are rotated, especially first layer guard nodes. The fourth step is to use PIR for HSDIR requests and to remove the concept of using a set of introduction nodes that persistently introduce for a specific hidden service. Perhaps something like SURBs, the single use reply blocks of type III remailers, can be used instead. In such a case the hidden service would layer encrypt a packet that routes toward it, publish the packet to the HSDIR, and the client would query the HSDIR with a PIR protocol to retrieve one of the signed SURB packets. Then the client would create a circuit and send the SURB to the first node specified, which would remove a layer of encryption revealing the second node specified, etc, all the way up to the hidden service. Something like this. Then the attacker would need to own the hidden services first layer entry guard to do an end point timing attack against connections to the hidden service. Additionally, they could only brute force up to the position of the layered guard node that they own that is closest to the hidden service. Additionally, there would no longer be a centralized set of introduction nodes to DoS. An additional measure that could be taken is using some system to encrypt hidden service addresses. My first thought was that hidden services could be queried for by the hash of their .onion address rather than their .onion address (of course with PIR in either case, but the hash would be used to obscure the list of all .onion addresses from the HSDIR nodes), with the retrieved information encrypted symmetrically with the actual .onion address of the hidden service. However, there have been issues identified with this hash based system. However, rransom, one of the Tor developers, proposed a different (much more advanced) solution that uses elliptic curve cryptography and blinding to get the same security properties without any of the pitfalls. I think that this is essentially the best that Tor can hope for without fundamentally changing itself into something else. Even this proposed set of changes includes significant reworkings of the hidden service protocol.