An Effective Website Fingerprinting Defense Based on Traffic Splitting and Padding

被引:0
作者
Huang, Bin [1 ]
Du, Yanhui [1 ]
机构
[1] Department of Information and Cybersecurity, People's Public Security University of China, Beijing
来源
Beijing Ligong Daxue Xuebao/Transaction of Beijing Institute of Technology | 2024年 / 44卷 / 07期
关键词
defense; network security; Tor anonymity system; website fingerprinting;
D O I
10.15918/j.tbit1001-0645.2023.208
中图分类号
学科分类号
摘要
Due to Tor as an anonymity communication network system can protect user privacy, so all the attack arithmetic of Website Fingerprinting (WF) attacks were arranged to destroy the user anonymity by analyzing users' traffic. To solve the problems existed in a lot of various WF defense systems developed to resist WF attacks, a novel WF defense, consisting of a traffic splitting module and a padding module, was proposed based on traffic splitting with padding (SWP), reducing the spending of these WF defense methods and advancing defense effectiveness. The traffic splitting module was arranged to split traffic in a random number of multiple circuits and send to different circuits with a circuit-switching strategy based on packet intervals. Meanwhile, the padding module was designed to utilize two sub-modules, Break Burst, and Extend Burst, to inject padding packets into the incoming and outgoing bursts respectively, to further obfuscate the traffic patterns on each circuit. In the closed-world setting, the analysis results show that the proposed algorithm can further reduce RF's precision by 18.54% and RF's recall by 20.25% compared to its comparable HyWF. Comparing with CoMPS, the proposed algorithm can further reduce RF's precision by 2.72% and RF's recall by 5.23% with fewer circuits. Experimental results show that the proposed algorithm can outperform to comparable algorithms and lower defense spending. © 2024 Beijing Institute of Technology. All rights reserved.
引用
收藏
页码:750 / 760
页数:10
相关论文
共 20 条
  • [1] DINGLEDINE R, MATHEWSON N, SYVERSON P., Tor: The second-generation onion router[C], Proceedings of the 13th USENIX Security Symposium, pp. 9-13, (2004)
  • [2] WANG T, CAI X, NITHYANAND R, Et al., Effective attacks and provable defenses for website fingerprinting[C], Proceedings of the 23rd USENIX Security Symposium, pp. 20-22, (2014)
  • [3] HAYES J, DANEZIS G., K-fingerprinting: a robust scalable website fingerprinting technique[C], Proceedings of the 25th USENIX Security Symposium, pp. 10-12, (2016)
  • [4] PANCHENKO A, LANZE F, ZINNEN A, Et al., Website fingerprinting at internet scale[C], Proceedings of the 23rd Annual Network and Distributed System Security Symposium (NDSS), pp. 21-24, (2016)
  • [5] RIMMER V, PREUVENEERS D, JUAREZ M, Et al., Automated website fingerprinting through deep learning [C], Proceedings of the 25th Annual Network and Distributed System Security Symposium (NDSS), pp. 18-21, (2018)
  • [6] SIRINAM P, IMANI M, JUAREZ M, Et al., Deep fingerprinting: undermining website fingerprinting defenses with deep learning[C], Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS), pp. 15-19, (2018)
  • [7] BHAT S, LU D, KWON A, Et al., Var-CNN: a data-efficient website fingerprinting attack based on deep learning, Proceedings of the Proceedings on Privacy Enhancing Technologies, (2019)
  • [8] RAHMAN M S, SIRINAM P, MATHEWS N, Et al., Tik-Tok: the utility of packet timing in website fingerprinting attacks[C], Proceedings of the Proceedings on Privacy Enhancing Technologies, (2020)
  • [9] SHEN M, JI K, GAO Z, Et al., Subverting website fingerprinting defenses with robust traffic representation [C], Proceedings of the 32nd USENIX Security Symposium, (2023)
  • [10] YER K P, COULL S E, RISTENPART T, Et al., Peek-a-Boo, I still see you: why efficient traffic analysis countermeasures fail[C], Proceedings of the 33rd IEEE Symposium on Security and Privacy (SP), pp. 20-23, (2012)
12