Anatoly Shusterman,Zohar Avraham,Eliezer Croitoru,Yarden Haskal,Lachlan Kang,Dvir Levi,Yosef Meltser,Prateek Mittal,Yossi Oren,Yuval Yarom

DOI: https://doi.org/10.1109/tdsc.2020.2988369

2020-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Website fingerprinting attacks use statistical analysis on network traffic to compromise user privacy. The classical attack model used to evaluate website fingerprinting attacks assumes an on-path adversary, who observes traffic traveling between the user's computer and the network. In this article we investigate a different attack model, in which the adversary sends JavaScript code to the target user's computer. This code mounts a cache side-channel attack to identify other websites being browsed. Using machine learning techniques to classify traces of cache activity, we achieve high classification accuracy in both the open-world and the closed-world models. Our attack is more resistant than network-based fingerprinting to the effects of response caching, and resilient both to network-based defenses and to side-channel countermeasures. We carry out a real-world evaluation of several aspects of our attack, exploring the impact of the changes in websites and browsers over time, as well as of the attacker's ability to guess the software and hardware configuration of the target user's computer. To protect against cache-based website fingerprinting, new defense mechanisms must be introduced to privacy-sensitive browsers and websites. We investigate one such mechanism, and show that it reduces the effectiveness of the attack and completely eliminates it when used in the Tor Browser.

computer science, information systems, software engineering, hardware & architecture

Guodong Huang,Chuan Ma,Ming Ding,Yuwen Qian,Chunpeng Ge,Liming Fang,Zhe Liu

DOI: https://doi.org/10.48550/arXiv.2302.13763

2023-02-27

Abstract:Website fingerprinting attack is an extensively studied technique used in a web browser to analyze traffic patterns and thus infer confidential information about users. Several website fingerprinting attacks based on machine learning and deep learning tend to use the most typical features to achieve a satisfactory performance of attacking rate. However, these attacks suffer from several practical implementation factors, such as a skillfully pre-processing step or a clean dataset. To defend against such attacks, random packet defense (RPD) with a high cost of excessive network overhead is usually applied. In this work, we first propose a practical filter-assisted attack against RPD, which can filter out the injected noises using the statistical characteristics of TCP/IP traffic. Then, we propose a list-assisted defensive mechanism to defend the proposed attack method. To achieve a configurable trade-off between the defense and the network overhead, we further improve the list-based defense by a traffic splitting mechanism, which can combat the mentioned attacks as well as save a considerable amount of network overhead. In the experiments, we collect real-life traffic patterns using three mainstream browsers, i.e., Microsoft Edge, Google Chrome, and Mozilla Firefox, and extensive results conducted on the closed and open-world datasets show the effectiveness of the proposed algorithms in terms of defense accuracy and network efficiency.

Cryptography and Security,Machine Learning

Xiyuan Zhao,Xinhao Deng,Qi Li,Yunpeng Liu,Zhuotao Liu,Kun Sun,Ke Xu

2024-09-06

Abstract:Website Fingerprinting (WF) attacks can effectively identify the websites visited by Tor clients via analyzing encrypted traffic patterns. Existing attacks focus on identifying different websites, but their accuracy dramatically decreases when applied to identify fine-grained webpages, especially when distinguishing among different subpages of the same website. WebPage Fingerprinting (WPF) attacks face the challenges of highly similar traffic patterns and a much larger scale of webpages. Furthermore, clients often visit multiple webpages concurrently, increasing the difficulty of extracting the traffic patterns of each webpage from the obfuscated traffic. In this paper, we propose Oscar, a WPF attack based on multi-label metric learning that identifies different webpages from obfuscated traffic by transforming the feature space. Oscar can extract the subtle differences among various webpages, even those with similar traffic patterns. In particular, Oscar combines proxy-based and sample-based metric learning losses to extract webpage features from obfuscated traffic and identify multiple webpages. We prototype Oscar and evaluate its performance using traffic collected from 1,000 monitored webpages and over 9,000 unmonitored webpages in the real world. Oscar demonstrates an 88.6% improvement in the multi-label metric Recall@5 compared to the state-of-the-art attacks.

Cryptography and Security,Artificial Intelligence

Meng Shen,Yiting Liu,Liehuang Zhu,Xiaojiang Du,Jiankun Hu

DOI: https://doi.org/10.1109/tifs.2020.3046876

IF: 7.231

2021-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Encrypted web traffic can reveal sensitive information of users, such as their browsing behaviors. Existing studies on encrypted traffic analysis focus on website fingerprinting. We claim that fine-grained webpage fingerprinting, which speculates specific webpages on a same website visited by a victim, allows exploiting more user private information, e.g., shopping interests in an online shopping mall. Since webpages from the same website usually have very similar traffic traces that make them indistinguishable, existing solutions may end up with low accuracy. In this paper, we propose FineWP, a novel fine-grained webpage fingerprinting method. We make an observation that the length information of packets in bidirectional client-server interactions can be distinctive features for webpage fingerprinting. The extracted features are then fed into traditional machine learning models to train classifiers, which achieve both high accuracy and low training overhead. We collect two real-world traffic datasets and construct closed- and open-world evaluations to verify the effectiveness of FineWP. The experimental results demonstrate that FineWP is superior to the state-of-the-art methods in terms of accuracy, time complexity and stability.

computer science, theory & methods,engineering, electrical & electronic

Xiaoyun Yuan,Tengyao Li,Lingling Li,Ruixiang Li,Zhiquan Wang,Xiangyang Luo

DOI: https://doi.org/10.1016/j.comnet.2024.110217

IF: 5.493

2024-01-29

Computer Networks

Abstract:Website Fingerprinting (WF) attacks on Tor are exploited to analyze encrypted traffic traces and infer the visited websites by analyzing traffic traces between users and the Tor entry guard. State-of-the-art WF methods have demonstrated impressive results in simulation experiments against Tor-protected network traffic. However, existing WF attacks have significant limitations in real-world scenarios due to potential mismatches between the data distribution in the experimental environment and that of the real world. Additionally, it is often unknown in advance which sites a client will access. In this paper, we propose a WF enhancing technique that leverages difficult-to-classify samples to train a website classifier, which exploits hard samples to train a website classifier using their distinctive features. We conduct a more detailed analysis of the impact that unbalanced data on WF attacks. In order to improve the performance, we extract misclassified traces from the unmonitored sites as the hard samples and train them using a triplet network structure to enhance their feature representation. By utilizing this method, an attacker can train a classifier that learns more features from the open world, potentially improving the accuracy and effectiveness of website fingerprinting techniques. This approach allows for a more comprehensive understanding of website characteristics and better discrimination between monitored and unmonitored sites. The experimental results demonstrate that the proposed technique has a substantial positive impact on the precision of misidentified traffic traces. The best recall rate achieved is 98.43%, while the average recall for hard samples is an impressive 93.28%. These results collectively highlight the effectiveness and reliability of the proposed technique in accurately identifying challenging traffic samples.

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Yixiao Xu,Tao Wang,Qi Li,Qingyuan Gong,Yang Chen,Yong Jiang

DOI: https://doi.org/10.1145/3274694.3274697

2018-01-01

Abstract:In a Website Fingerprinting (WF) attack, a local, passive eavesdropper utilizes network flow information to identify which web pages a user is browsing. Previous researchers have extensively demonstrated the feasibility and effectiveness of WF, but only under the strong Single Page Assumption: the network flow extracted by the adversary always belongs to a single page. In other words, the WF classifier will never be asked to classify a network flow corresponding to more than one page, or part of a page. The Single Page Assumption is unrealistic because people often browse with multiple tabs. When this happens, the network flow induced by multiple tabs will overlap, and current WF attacks fail to classify correctly. Our work demonstrates the feasibility of WF with the relaxed Single Page Assumption: we can attack a client who visits more than one pages simultaneously. We propose a multi-tab website fingerprinting attack that can accurately classify multi-tab web pages if they are requested and sequentially loaded over a short period of time. In particular, we develop a new BalanceCascade-XGBoost scheme for an attacker to identify the start point of the second page such that the attacker can accurately classify and identify these multi-tab pages. By developing a new classifier, we only use a small chunk of packets, i.e., packets between the first page's start time to the second page's start time, to fingerprint website. Our experiments demonstrate that in the multi-tab scenario, WF attacks are still practically effective. We have an average TPR of 92.58% on SSH, and we can also averagely identify the page with a TPR of 64.94% on Tor. Specially, compared with previous WF classifiers, our attack achieves a significantly higher true positive rate using a restricted chunk of packets.

I. Goldberg,Tao Wang

Abstract:Website fingerprinting is a traffic analysis attack that allows an eavesdropper to determine the web activity of a client, even if the client is using privacy technologies such as proxies, VPNs, or Tor. Effective defenses against website fingerprinting hamper user experience due to their large bandwidth overhead and time overhead, requiring more than a half minute to load a page on average. In this work we propose a new defense against website fingerprinting, Walkie-Talkie, with a small overhead that can confuse even a perfectly classifying attacker. Walkie-Talkie modifies the browser to communicate in half-duplex mode rather than the usual full-duplex mode, thus restricting the feature set available to the attacker. We then add random padding to further confuse the attacker. With Walkie-Talkie, at a bandwidth overhead of 32% and time overhead of 9%, the perfect attacker’s false positive rate exceeds 5%; at a bandwidth overhead of 55%, the perfect attacker’s false positive rate exceeds 10%. Our defense therefore allows webbrowsing clients to defend their privacy against website fingerprinting both effectively and efficiently.

Computer Science

Chuxu Song,Zining Fan,Hao Wang,Richard Martin

2024-07-28

Abstract:Website fingerprinting (WF) attacks identify the websites visited over anonymized connections by analyzing patterns in network traffic flows, such as packet sizes, directions, or interval times using a machine learning classifier. Previous studies showed WF attacks achieve high classification accuracy. However, several issues call into question whether existing WF approaches are realizable in practice and thus motivate a re-exploration. Due to Tor's performance issues and resulting poor browsing experience, the vast majority of users opt for Virtual Private Networking (VPN) despite VPNs weaker privacy protections. Many other past assumptions are increasingly unrealistic as web technology advances. Our work addresses several key limitations of prior art. First, we introduce a new approach that classifies entire websites rather than individual web pages. Site-level classification uses traffic from all site components, including advertisements, multimedia, and single-page applications. Second, our Convolutional Neural Network (CNN) uses only the jitter and size of 500 contiguous packets from any point in a TCP stream, in contrast to prior work requiring heuristics to find page boundaries. Our seamless approach makes eavesdropper attack models realistic. Using traces from a controlled browser, we show our CNN matches observed traffic to a website with over 90% accuracy. We found the training traffic quality is critical as classification accuracy is significantly reduced when the training data lacks variability in network location, performance, and clients' computational capability. We enhanced the base CNN's efficacy using domain adaptation, allowing it to discount irrelevant features, such as network location. Lastly, we evaluate several defensive strategies against seamless WF attacks.

Cryptography and Security

Mantun Chen,Yongxin Chen,Yongjun Wang,Peidai Xie,Shaojing Fu,Xiatian Zhu

DOI: https://doi.org/10.48550/arXiv.2203.06376

2022-03-12

Cryptography and Security

Abstract:Website fingerprinting attack (WFA) aims to deanonymize the website a user is visiting through anonymous networks channels (e.g., Tor). Despite of remarkable progress in the past years, most existing methods make implicitly a couple of artificial assumptions that (1) only a single website (i.e., single-tab) is visited each time, and (2) website fingerprinting data are pre-trimmed into a single trace per website manually. In reality, a user often open multiple tabs for multiple websites spontaneously. Indeed, this multi-tab WFA (MT-WFA) setting has been studied in a few recent works, but all of them still fail to fully respect the real-world situations. In particular, the overlapping challenge between website fingerprinting has never been investigated in depth. In this work, we redefine the problem of MT-WFA as detecting multiple monitored traces, given a natural untrimmed traffic data including monitored traces, unmonitored traces, and potentially unconstrained overlapping between them. This eliminates the above assumptions, going beyond the conventional single website fingerprint classification perspective taken by all previous WFA methods. To tackle this realistic MT-WFA problem, we formulate a novel Website Fingerprint Detection (WFD) model capable of detecting accurately the start and end points of all the monitored traces and classifying them jointly, given long, untrimmed raw traffic data. WFD is end-to-end, with the trace localization and website classification integrated in a single unified pipeline. To enable quantitative evaluation in our MT-WFA setting, we introduce new performance metrics. Extensive experiments on several newly constructed benchmarks show that our WFD outperforms the state-of-the-art alternative methods in both accuracy and efficiency by a large margin, even with a very small training set. Code is available at https://github.com/WFDetector/WFDetection

James K Holland,Nicholas Hopper

DOI: https://doi.org/10.48550/arXiv.2012.06609

2021-09-22

Abstract:Website Fingerprinting (WF) attacks are used by local passive attackers to determine the destination of encrypted internet traffic by comparing the sequences of packets sent to and received by the user to a previously recorded data set. As a result, WF attacks are of particular concern to privacy-enhancing technologies such as Tor. In response, a variety of WF defenses have been developed, though they tend to incur high bandwidth and latency overhead or require additional infrastructure, thus making them difficult to implement in practice. Some lighter-weight defenses have been presented as well; still, they attain only moderate effectiveness against recently published WF attacks. In this paper, we aim to present a realistic and novel defense, RegulaTor, which takes advantage of common patterns in web browsing traffic to reduce both defense overhead and the accuracy of current WF attacks. In the closed-world setting, RegulaTor reduces the accuracy of the state-of-the-art attack, Tik-Tok, against comparable defenses from 66% to 25.4%. To achieve this performance, it requires limited added latency and a bandwidth overhead 39.3% less than the leading moderate-overhead defense. In the open-world setting, RegulaTor limits a precision-tuned Tik-Tok attack to an F-score of .135, compared to .625 for the best comparable defense.

Cryptography and Security

Qilei Yin,Zhuotao Liu,Qi Li,Tao Wang,Qian Wang,Chao Shen,Yixiao Xu

DOI: https://doi.org/10.1109/tdsc.2021.3104869

2021-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:In Website Fingerprinting (WF) attack, a local passive eavesdropper utilizes network flow information to identify which web pages a user is browsing. Previous researchers have demonstrated the feasibility and effectiveness of WF attacks under a strong Single Page Assumption: the network flow extracted by the adversary belongs to a single web page. In reality, the assumption may not hold because users tend to open multiple tabs simultaneously (or within a short period of time) so that their network traffic is mixed. In this article, we propose an automated multi-tab Website Fingerprinting attack that is able to accurately classify websites regardless of the number of simultaneously opened pages. Our design is powered by two innovative designs. First, we develop a split point classification method to dynamically identify the split point between the first page and its subsequent pages. As a result, the network traffic before the split point is solely generated for the first page. Then, we propose a new chunk-based WF classifier to infer the websites based on the initial chunk of clean traffic. For both classifiers, we apply automated feature selection to select a concise yet representative feature set. We implement a prototype of our design and perform extensive evaluations using SSH and Tor-based datasets to demonstrate the effectiveness of both our system components individually and the integrated system as a whole.

Anatoly Shusterman,Lachlan Kang,Yarden Haskal,Yosef Meltser,Prateek Mittal,Yossi Oren,Yuval Yarom

DOI: https://doi.org/10.48550/arXiv.1811.07153

2019-02-21

Abstract:Website fingerprinting attacks, which use statistical analysis on network traffic to compromise user privacy, have been shown to be effective even if the traffic is sent over anonymity-preserving networks such as Tor. The classical attack model used to evaluate website fingerprinting attacks assumes an on-path adversary, who can observe all traffic traveling between the user's computer and the Tor network. In this work we investigate these attacks under a different attack model, in which the adversary is capable of running a small amount of unprivileged code on the target user's computer. Under this model, the attacker can mount cache side-channel attacks, which exploit the effects of contention on the CPU's cache, to identify the website being browsed. In an important special case of this attack model, a JavaScript attack is launched when the target user visits a website controlled by the attacker. The effectiveness of this attack scenario has never been systematically analyzed, especially in the open-world model which assumes that the user is visiting a mix of both sensitive and non-sensitive sites. In this work we show that cache website fingerprinting attacks in JavaScript are highly feasible, even when they are run from highly restrictive environments, such as the Tor Browser. Specifically, we use machine learning techniques to classify traces of cache activity. Unlike prior works, which try to identify cache conflicts, our work measures the overall occupancy of the last-level cache. We show that our approach achieves high classification accuracy in both the open-world and the closed-world models. We further show that our techniques are resilient both to network-based defenses and to side-channel countermeasures introduced to modern browsers as a response to the Spectre attack.

Cryptography and Security,Machine Learning

Shangdong Wang,Zhiliang Wang,Chenglong Li,Dongqi Han,Jiahai Yang,Hui Zhang

DOI: https://doi.org/10.1109/noms59830.2024.10575874

2024-01-01

Abstract:Website fingerprinting (WF) attacks pose a serious threat to users’ online privacy, even when using privacy-enhancing tools like Tor. Previous attacks mostly rely on supervised learning and only a few studies have explored the few-shot setting which is more realistic. In this paper, we propose TrafficSiam, a novel WF attack based on few-shot learning with self-supervised learning, which enables our model to be pretrained with unlabeled tor traffic and transferred to new tasks using a small number of labeled samples which is more realistic and yield stronger generalization ability. We conduct a series of experiments, using only a small amount of labeled samples, and find that our model achieves 92.32% accuracy in the closed-world setting, compared to the highest accuracy 88.73%, using previous methods. Furthermore, our model also outperforms previous attacks in the open-world setting.

Vera Rimmer,Davy Preuveneers,Marc Juarez,Tom Van Goethem,Wouter Joosen

DOI: https://doi.org/10.14722/ndss.2018.23105

2017-12-06

Abstract:Several studies have shown that the network traffic that is generated by a visit to a website over Tor reveals information specific to the website through the timing and sizes of network packets. By capturing traffic traces between users and their Tor entry guard, a network eavesdropper can leverage this meta-data to reveal which website Tor users are visiting. The success of such attacks heavily depends on the particular set of traffic features that are used to construct the fingerprint. Typically, these features are manually engineered and, as such, any change introduced to the Tor network can render these carefully constructed features ineffective. In this paper, we show that an adversary can automate the feature engineering process, and thus automatically deanonymize Tor traffic by applying our novel method based on deep learning. We collect a dataset comprised of more than three million network traces, which is the largest dataset of web traffic ever used for website fingerprinting, and find that the performance achieved by our deep learning approaches is comparable to known methods which include various research efforts spanning over multiple years. The obtained success rate exceeds 96% for a closed world of 100 websites and 94% for our biggest closed world of 900 classes. In our open world evaluation, the most performant deep learning model is 2% more accurate than the state-of-the-art attack. Furthermore, we show that the implicit features automatically learned by our approach are far more resilient to dynamic changes of web content over time. We conclude that the ability to automatically construct the most relevant traffic features and perform accurate traffic recognition makes our deep learning based approach an efficient, flexible and robust technique for website fingerprinting.

Cryptography and Security,Machine Learning

Xiang Cai,Rishab Nithyanand,Rob Johnson

DOI: https://doi.org/10.48550/arXiv.1401.6022

2014-01-23

Abstract:Website fingerprinting attacks enable an adversary to infer which website a victim is visiting, even if the victim uses an encrypting proxy, such as Tor. Previous work has shown that all proposed defenses against website fingerprinting attacks are ineffective. This paper advances the study of website fingerprinting attacks and defenses in two ways. First, we develop bounds on the trade-off between security and bandwidth overhead that any fingerprinting defense scheme can achieve. This enables us to compare schemes with different security/overhead trade-offs by comparing how close they are to the lower bound. We then refine, implement, and evaluate the Congestion Sensitive BuFLO scheme outlined by Cai, et al. CS-BuFLO, which is based on the provably-secure BuFLO defense proposed by Dyer, et al., was not fully-specified by Cai, et al, but has nonetheless attracted the attention of the Tor developers. Our experiments find that CS-BuFLO has high overhead (around 2.3-2.8x) but can get 6x closer to the bandwidth/security trade-off lower bound than Tor or plain SSH.

Cryptography and Security

Meng Shen,Kexin Ji,Zhenbo Gao,Qi Li,Liehuang Zhu,Ke Xu

2023-01-01

Abstract:Anonymity networks, e.g., Tor, are vulnerable to various website fingerprinting (WF) attacks, which allows attackers to perceive user privacy on these networks. However, the defenses developed recently can effectively interfere with WF attacks, e.g., by simply injecting dummy packets. In this paper, we propose a novel WF attack called Robust Fingerprinting (RF), which enables an attacker to fingerprint the Tor traffic under various defenses. Specifically, we develop a robust traffic representation method that generates Traffic Aggregation Matrix (TAM) to fully capture key informative features leaked from Tor traces. By utilizing TAM, an attacker can train a CNN-based classifier that learns common high-level traffic features uncovered by different defenses. We conduct extensive experiments with public real-world datasets to compare RF with state-of-the-art (SOTA) WF attacks. The closed-and open-world evaluation results demonstrate that RF significantly outperforms the SOTA attacks. In particular, RF can effectively fingerprint Tor traffic under the SOTA defenses with an average accuracy improvement of 8.9% over the best existing attack (i.e., Tik-Tok).

Payap Sirinam,Mohsen Imani,Marc Juarez,Matthew Wright

DOI: https://doi.org/10.48550/arXiv.1801.02265

2018-08-20

Abstract:Website fingerprinting enables a local eavesdropper to determine which websites a user is visiting over an encrypted connection. State-of-the-art website fingerprinting attacks have been shown to be effective even against Tor. Recently, lightweight website fingerprinting defenses for Tor have been proposed that substantially degrade existing attacks: WTF-PAD and Walkie-Talkie. In this work, we present Deep Fingerprinting (DF), a new website fingerprinting attack against Tor that leverages a type of deep learning called Convolutional Neural Networks (CNN) with a sophisticated architecture design, and we evaluate this attack against WTF-PAD and Walkie-Talkie. The DF attack attains over 98% accuracy on Tor traffic without defenses, better than all prior attacks, and it is also the only attack that is effective against WTF-PAD with over 90% accuracy. Walkie-Talkie remains effective, holding the attack to just 49.7% accuracy. In the more realistic open-world setting, our attack remains effective, with 0.99 precision and 0.94 recall on undefended traffic. Against traffic defended with WTF-PAD in this setting, the attack still can get 0.96 precision and 0.68 recall. These findings highlight the need for effective defenses that protect against this new attack and that could be deployed in Tor.

Cryptography and Security

Xinhao Deng,Qi Li,Ke Xu

2024-07-01

Abstract:Website Fingerprinting (WF) attacks identify the websites visited by users by performing traffic analysis, compromising user privacy. Particularly, DL-based WF attacks demonstrate impressive attack performance. However, the effectiveness of DL-based WF attacks relies on the collected complete and pure traffic during the page loading, which impacts the practicality of these attacks. The WF performance is rather low under dynamic network conditions and various WF defenses, particularly when the analyzed traffic is only a small part of the complete traffic. In this paper, we propose Holmes, a robust and reliable early-stage WF attack. Holmes utilizes temporal and spatial distribution analysis of website traffic to effectively identify websites in the early stages of page loading. Specifically, Holmes develops adaptive data augmentation based on the temporal distribution of website traffic and utilizes a supervised contrastive learning method to extract the correlations between the early-stage traffic and the pre-collected complete traffic. Holmes accurately identifies traffic in the early stages of page loading by computing the correlation of the traffic with the spatial distribution information, which ensures robust and reliable detection according to early-stage traffic. We extensively evaluate Holmes using six datasets. Compared to nine existing DL-based WF attacks, Holmes improves the F1-score of identifying early-stage traffic by an average of 169.18%. Furthermore, we replay the traffic of visiting real-world dark web websites. Holmes successfully identifies dark web websites when the ratio of page loading on average is only 21.71%, with an average precision improvement of 169.36% over the existing WF attacks.

Cryptography and Security,Artificial Intelligence,Machine Learning

Xi Xiao,Xiang Zhou,Zhenyu Yang,Le Yu,Bin Zhang,Qixu Liu,Xiapu Luo

DOI: https://doi.org/10.1016/j.cose.2023.103577

IF: 5.105

2024-01-01

Computers & Security

Abstract:Website fingerprinting (WF) enables eavesdroppers to identify the website a user is visiting by network surveillance, even if the traffic is protected by anonymous communication technologies such as Tor. To avoid this, several defense schemes have been proposed to protect users from the hazard of website fingerprinting attacks. However, some defenses are defeated by new attacks soon since they can not provide provable security guarantees; some defenses can not be deployed in practice since they incur high bandwidth overhead and latency overhead. In this paper, we survey existing WF defense schemes and make a comprehensive analysis. First, we divide WF defenses into four categories and introduce their principles and characteristics separately. Then, we point out some unreasonable settings in previous works and use a new experimental setting to evaluate WF defenses on a public dataset. We find many WF defenses are not as effective as they claim to be. Besides, we investigate the deployment of WF defenses and discuss some potential problems. Finally, we make some suggestions for researchers to design a feasible WF defense and make suggestions for users to protect their privacy.

Nate Mathews,James K. Holland,Nicholas Hopper,Matthew Wright

DOI: https://doi.org/10.1109/tifs.2024.3468171

IF: 7.231

2024-10-11

IEEE Transactions on Information Forensics and Security

Abstract:In this paper, we present Laserbeak, a new state-of-the-art website fingerprinting attack for Tor that achieves nearly 96% accuracy against FRONT-defended traffic by combining two innovations: 1) multi-channel traffic representations and 2) advanced techniques adapted from state-of-the-art computer vision models. Our work is the first to explore a range of different ways to represent traffic data for a classifier. We find a multi-channel input format that provides richer contextual information, enabling the model to learn robust representations even in the presence of heavy traffic obfuscation. We are also the first to examine how recent advances in transformer models can take advantage of these representations. Our novel model architecture utilizing multi-headed attention layers enhances the capture of both local and global patterns. By combining these innovations, Laserbeak demonstrates absolute performance improvements of up to 36.2% (e.g., from 27.6% to 63.8%) compared with prior attacks against defended traffic. Experiments highlight Laserbeak's capabilities in multiple scenarios, including a large open-world dataset where it achieves over 80% recall at 99% precision on traffic obfuscated with padding defenses. These advances reduce the remaining anonymity in Tor against fingerprinting threats, underscoring the need for stronger defenses.

computer science, theory & methods,engineering, electrical & electronic