More Web Proxy on the site http://driver.im/

research-article

Public Access

Measuring Information Leakage in Website Fingerprinting Attacks and Defenses

Authors:

Nicholas HopperAuthors Info & Claims

CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security

Pages 1977 - 1992

https://doi.org/10.1145/3243734.3243832

Published: 15 October 2018 Publication History

Abstract

Tor provides low-latency anonymous and uncensored network access against a local or network adversary. Due to the design choice to minimize traffic overhead (and increase the pool of potential users) Tor allows some information about the client's connections to leak. Attacks using (features extracted from) this information to infer the website a user visits are called Website Fingerprinting (WF) attacks. We develop a methodology and tools to measure the amount of leaked information about a website. We apply this tool to a comprehensive set of features extracted from a large set of websites and WF defense mechanisms, allowing us to make more fine-grained observations about WF attacks and defenses.

Supplementary Material

MP4 File (p1977-hopper.mp4)

Download
422.23 MB

References

[1]

Lada A Adamic and Bernardo A Huberman. 2002. Zipf's law and the Internet. Glottometrics, Vol. 3, 1 (2002), 143--150.

[2]

Xiang Cai, Rishab Nithyanand, and Rob Johnson. 2014. CS-BuFLO: A Congestion Sensitive Website Fingerprinting Defense. In Proceedings of the Workshop on Privacy in the Electronic Society (WPES 2014).

Digital Library

[3]

Xiang Cai, Rishab Nithyanand, Tao Wang, Rob Johnson, and Ian Goldberg. A Systematic Approach to Developing and Evaluating Website Fingerprinting Defenses. In Proceedings of the 21th ACM conference on Computer and Communications Security (CCS 2014).

Digital Library

[4]

Xiang Cai, Xincheng Zhang, Brijesh Joshi, and Rob Johnson. 2012. Touching from a Distance: Website Fingerprinting Attacks and Defenses. In Proceedings of the 19th ACM conference on Computer and Communications Security (CCS 2012).

Digital Library

[5]

Jie Cheng and Russell Greiner. 1999. Comparing Bayesian network classifiers. In Proceedings of the Fifteenth conference on Uncertainty in artificial intelligence. Morgan Kaufmann Publishers Inc., 101--108.

Digital Library

[6]

Giovanni Cherubin, Jamie Hayes, and Marc Juarez. 2017. Website fingerprinting defenses at the application layer. Proceedings on Privacy Enhancing Technologies, Vol. 2017, 2 (2017), 186--203.

[7]

Tom Chothia, Yusuke Kawamoto, and Chris Novakovic. 2013. A tool for estimating information leakage. In International Conference on Computer Aided Verification. Springer, 690--695.

Digital Library

[8]

Kevin P. Dyer, Scott E. Coull, Thomas Ristenpart, and Thomas Shrimpton. Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail. In Proceedings of the 2012 IEEE Symposium on Security and Privacy.

Digital Library

[9]

Bradley Efron. 1992. Bootstrap methods: another look at the jackknife. Breakthroughs in Statistics. Springer, 569--593.

[10]

Martin Ester, Hans-Peter Kriegel, Jörg Sander, Xiaowei Xu, et al. 1996. A density-based algorithm for discovering clusters in large spatial databases with noise. In Kdd, Vol. 96. 226--231.

Digital Library

[11]

Brian S Everitt. 1985. Mixture Distributions-I .Wiley Online Library.

[12]

Sylvia Frühwirth-Schnatter. 2006. Finite mixture and Markov switching models .Springer Science & Business Media.

[13]

Shuyang Gao, Greg Ver Steeg, and Aram Galstyan. 2015. Efficient Estimation of Mutual Information for Strongly Dependent Variables. CoRR, Vol. abs/1411.2003 (2015).

[14]

Zoubin Ghahramani and Carl E Rasmussen. 2002. Bayesian monte carlo. In Advances in neural information processing systems. 489--496.

[15]

Cherubin Giovanni. 2017. Bayes, not Naïve: Security Bounds on Website Fingerprinting Defenses. Proceedings on Privacy Enhancing Technologies, Vol. 2017 (2017). https://petsymposium.org/2017/papers/issue4/paper50--2017--4-source.pdf

[16]

Benjamin Greschbach, Tobias Pulls, Laura M Roberts, Philipp Winter, and Nick Feamster. 2017a. The Effect of DNS on Tor's Anonymity. (2017).

[17]

Benjamin Greschbach, Tobias Pulls, Laura M. Roberts, Philipp Winter, and Nick Feamster. 2017b. The Effect of DNS on Tor's Anonymity. In NDSS. The Internet Society. https://nymity.ch/tor-dns/tor-dns.pdf

[18]

W Keith Hastings. 1970. Monte Carlo sampling methods using Markov chains and their applications. Biometrika, Vol. 57, 1 (1970), 97--109.

[19]

Jamie Hayes and George Danezis. 2016. k-fingerprinting: A Robust Scalable Website Fingerprinting Technique. In 25th USENIX Security Symposium (USENIX Security 16). USENIX Association, Austin, TX, 1187--1203. https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/hayes

Digital Library

[20]

Ian T Jolliffe. 1986. Principal Component Analysis and Factor Analysis. Principal component analysis. Springer, 115--128.

[21]

Marc Juarez, Sadia Afroz, Gunes Acar, Claudia Diaz, and Rachel Greenstadt. A Critical Evaluation of Website Fingerprinting Attacks. In Proceedings of the 21th ACM conference on Computer and Communications Security (CCS 2014).

Digital Library

[22]

Marc Juarez, Mohsen Imani, Mike Perry, Claudia Diaz, and Matthew Wright. 2016. Toward an efficient website fingerprinting defense. In European Symposium on Research in Computer Security. Springer.

[23]

Shiraj Khan, Sharba Bandyopadhyay, Auroop Ganguly, Sunil Saigal, David J Erickson, Vladimir Protopopescu, and George Ostrouchov. 2007. Relative performance of mutual information estimation methods for quantifying the dependence among short and noisy data., Vol. 76 (09 2007), 026209.

[24]

Igor Kononenko. 1991. Semi-naive Bayesian Classifier. In Proceedings of the European Working Session on Learning on Machine Learning (EWSL-91). Springer-Verlag New York, Inc., New York, NY, USA.

Digital Library

[25]

Alexander Kraskov, Harald Stögbauer, and Peter Grassberger. 2004. Estimating mutual information. Physical review E, Vol. 69, 6 (2004), 066138.

[26]

Tarald O Kvalseth. 1987. Entropy and correlation: Some comments. IEEE Transactions on Systems, Man, and Cybernetics, Vol. 17, 3 (1987), 517--519.

[27]

Marc Liberatore and Brian Neil Levine. Inferring the Source of Encrypted HTTP Connections. In Proceedings of the 13th ACM conference on Computer and Communications Security (CCS 2006).

Digital Library

[28]

David J. C. MacKay. 2002. Information Theory, Inference & Learning Algorithms .Cambridge University Press, New York, NY, USA.

Digital Library

[29]

Luke Mather and Elisabeth Oswald. 2012. Pinpointing side-channel information leaks in web applications. Journal of Cryptographic Engineering (2012), 1--17.

[30]

Rishab Nithyanand, Xiang Cai, and Rob Johnson. Glove: A Bespoke Website Fingerprinting Defense. Proceedings of the 12th Workshop on Privacy in the Electronic Society (WPES).

Digital Library

[31]

Andriy Panchenko, Fabian Lanze, Andreas Zinnen, Martin Henze, Jan Pennekamp, Klaus Wehrle, and Thomas Engel. Website Fingerprinting at Internet Scale. In Proceedings of the 23rd Internet Society (ISOC) Network and Distributed System Security Symposium (NDSS 2016).

[32]

Andriy Panchenko, Lukas Niessen, Andreas Zinnen, and Thomas Engel. Website Fingerprinting in Onion Routing Based Anonymization Networks. In Proceedings of the Workshop on Privacy in the Electronic Society (WPES 2011).

Digital Library

[33]

Andriy Panchenko, Lukas Niessen, Andreas Zinnen, and Thomas Engel. 2011. Website Fingerprinting in Onion Routing Based Anonymization Networks. In Proceedings of the Workshop on Privacy in the Electronic Society (WPES 2011). ACM.

Digital Library

[34]

Mike Perry. Experimental Defense for Website Traffic Fingerprinting. https://blog.torproject.org/blog/experimental-defense-website-traffic-fingerprinting

[35]

D.N. Politis, J.P. Romano, and M. Wolf. 1999. Subsampling .Springer New York. 99015017 https://books.google.com/books?id=nGu6rqjE6JoC

[36]

Murray Rosenblatt et al. 1956. Remarks on some nonparametric estimates of a density function. The Annals of Mathematical Statistics, Vol. 27, 3 (1956), 832--837.

[37]

Yi Shi and Kanta Matsuura. 2009. Fingerprinting attack on the tor anonymity system. International Conference on Information and Communications Security. Springer, 425--438.

Digital Library

[38]

Shashank Singh and Barnabás Póczos. 2016. Analysis of k-Nearest Neighbor Distances with Application to Entropy Estimation. arXiv preprint arXiv:1603.08578 (2016).

[39]

P. Sirinam, M. Imani, M. Juarez, and M. Wright. 2018. Deep Fingerprinting: Undermining Website Fingerprinting Defenses with Deep Learning. ArXiv e-prints (Jan. 2018). arxiv: cs.CR/1801.02265

Digital Library

[40]

Berwin A Turlach et al. 1993. Bandwidth selection in kernel density estimation: A review .Université catholique de Louvain.

[41]

Philippe Van Kerm et al. 2003. Adaptive kernel density estimation. The Stata Journal, Vol. 3, 2 (2003), 148--156.

[42]

Nguyen Xuan Vinh, Julien Epps, and James Bailey. 2010. Information Theoretic Measures for Clusterings Comparison: Variants, Properties, Normalization and Correction for Chance. J. Mach. Learn. Res., Vol. 11 (Dec. 2010), 2837--2854. http://dl.acm.org/citation.cfm?id=1756006.1953024

Digital Library

[43]

Tao Wang, Xiang Cai, Rishab Nithyanand, Rob Johnson, and Ian Goldberg. 2014. Effective attacks and provable defenses for website fingerprinting. In Proc. 23th USENIX Security Symposium (USENIX).

Digital Library

[44]

Tao Wang and Ian Goldberg. Improved Website Fingerprinting on Tor. In Proceedings of the Workshop on Privacy in the Electronic Society (WPES 2013).

Digital Library

[45]

Tao Wang and Ian Goldberg. 2017. Walkie-talkie: An effective and efficient defense against website fingerprinting. Technical Report.

[46]

Charles Wright, Scott Coull, and Fabian Monrose. Traffic Morphing: An efficient defense against statistical traffic analysis. In Proceedings of the Network and Distributed Security Symposium NDSS '09.

Cited By

Zhou JFu WHu WSun ZHe TZhang Z(2024)Challenges and Advances in Analyzing TLS 1.3-Encrypted Traffic: A Comprehensive SurveyElectronics10.3390/electronics1320400013:20(4000)Online publication date: 11-Oct-2024
https://doi.org/10.3390/electronics13204000
Huang BDu Y(2024)Break-Pad: effective padding machines for tor with break burst paddingCybersecurity10.1186/s42400-024-00222-y7:1Online publication date: 1-Oct-2024
https://doi.org/10.1186/s42400-024-00222-y
Jansen RWails RJohnson AAyday EVaidya J(2024)Repositioning Real-World Website Fingerprinting on TorProceedings of the 23rd Workshop on Privacy in the Electronic Society10.1145/3689943.3695047(124-140)Online publication date: 20-Nov-2024
https://dl.acm.org/doi/10.1145/3689943.3695047
Show More Cited By

Index Terms

Measuring Information Leakage in Website Fingerprinting Attacks and Defenses
1. Security and privacy
  1. Network security
    1. Web protocol security

Recommendations

Deep Fingerprinting: Undermining Website Fingerprinting Defenses with Deep Learning
CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security

Website fingerprinting enables a local eavesdropper to determine which websites a user is visiting over an encrypted connection. State-of-the-art website fingerprinting attacks have been shown to be effective even against Tor. Recently, lightweight ...
A Systematic Approach to Developing and Evaluating Website Fingerprinting Defenses
CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security

Fingerprinting attacks have emerged as a serious threat against privacy mechanisms, such as SSL, Tor, and encrypting tunnels. Researchers have proposed numerous attacks and defenses, and the Tor project now includes both network- and browser-level ...
Patch-based Defenses against Web Fingerprinting Attacks
AISec '21: Proceedings of the 14th ACM Workshop on Artificial Intelligence and Security

Anonymity systems like Tor are vulnerable to Website Fingerprinting (WF) attacks, where a local passive eavesdropper infers the victim's activity. WF attacks based on deep learning classifiers have successfully overcome numerous defenses. While recent ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security

October 2018

2359 pages

ISBN:9781450356930

DOI:10.1145/3243734

General Chairs:
David Lie
University of Toronto
,
Mohammad Mannan
Concordia University
,
Program Chairs:
Michael Backes
CISPA Helmholtz Center i.G.
,
XiaoFeng Wang
Indiana University

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 15 October 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

NSF

Conference

CCS '18

Sponsor:

SIGSAC

CCS '18: 2018 ACM SIGSAC Conference on Computer and Communications Security

October 15 - 19, 2018

Toronto, Canada

Acceptance Rates

CCS '18 Paper Acceptance Rate 134 of 809 submissions, 17%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

52
Total Citations
View Citations
2,080
Total Downloads

Downloads (Last 12 months)430
Downloads (Last 6 weeks)56

Reflects downloads up to 01 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Zhou JFu WHu WSun ZHe TZhang Z(2024)Challenges and Advances in Analyzing TLS 1.3-Encrypted Traffic: A Comprehensive SurveyElectronics10.3390/electronics1320400013:20(4000)Online publication date: 11-Oct-2024
https://doi.org/10.3390/electronics13204000
Huang BDu Y(2024)Break-Pad: effective padding machines for tor with break burst paddingCybersecurity10.1186/s42400-024-00222-y7:1Online publication date: 1-Oct-2024
https://doi.org/10.1186/s42400-024-00222-y
Jansen RWails RJohnson AAyday EVaidya J(2024)Repositioning Real-World Website Fingerprinting on TorProceedings of the 23rd Workshop on Privacy in the Electronic Society10.1145/3689943.3695047(124-140)Online publication date: 20-Nov-2024
https://dl.acm.org/doi/10.1145/3689943.3695047
Cebere BRossow C(2024)Understanding Web Fingerprinting with a Protocol-Centric ApproachProceedings of the 27th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3678890.3678910(17-34)Online publication date: 30-Sep-2024
https://dl.acm.org/doi/10.1145/3678890.3678910
Deng XWang YXue ZChua TNgo CKa-Wei Lee RKumar RLauw H(2024)AN-Net: an Anti-Noise Network for Anonymous Traffic ClassificationProceedings of the ACM Web Conference 202410.1145/3589334.3645691(4417-4428)Online publication date: 13-May-2024
https://dl.acm.org/doi/10.1145/3589334.3645691
Chen ZCheng GWei ZNiu DFu N(2024)Classify Traffic Rather Than Flow: Versatile Multi-Flow Encrypted Traffic Classification With Flow ClusteringIEEE Transactions on Network and Service Management10.1109/TNSM.2023.332286121:2(1446-1466)Online publication date: Apr-2024
https://doi.org/10.1109/TNSM.2023.3322861
Mathews NHolland JHopper NWright M(2024)Laserbeak: Evolving Website Fingerprinting Attacks With Attention and Multi-Channel Feature RepresentationIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.346817119(9285-9300)Online publication date: 2024
https://doi.org/10.1109/TIFS.2024.3468171
Zhou QWang LZhu HLu TSheng V(2024)WF-Transformer: Learning Temporal Features for Accurate Anonymous Traffic Identification by Using Transformer NetworksIEEE Transactions on Information Forensics and Security10.1109/TIFS.2023.331896619(30-43)Online publication date: 2024
https://doi.org/10.1109/TIFS.2023.3318966
Wang XLu ZWang XHe MWang X(2024)GETRF: A General Framework for Encrypted Traffic Identification With Robust Representation Based on Datagram StructureIEEE Transactions on Cognitive Communications and Networking10.1109/TCCN.2024.340082510:6(2045-2060)Online publication date: Dec-2024
https://doi.org/10.1109/TCCN.2024.3400825
Shen MJi KWu JLi QKong XXu KZhu L(2024)Real-Time Website Fingerprinting Defense via Traffic Cluster Anonymization2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00247(3238-3256)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00247
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Figures

Tables

Media

View Table of Conten