Protecting against Website Fingerprinting with Multihoming

Henri, Sébastien; García-Aviles, Ginés; Serrano, Pablo; Banchs, Albert; Thiran, Patrick

doi:10.2478/popets-2020-0019

Cited by 36 publications

(21 citation statements)

References 47 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…• We consider WF attacks that operate on packet directions 1 . This assumption is consistent with many previous defenses [21,31,34,58,75]. For each u's website session, the attacker collects its trace x u as a sequence of packet directions (i.e., marking each outgoing packet as +1 and each incoming packet as -1).…”

Section: Problem and Threat Modelsupporting

confidence: 66%

“…In application layer obfuscation, the defender introduces randomness into HTTP requests or the Tor routing algorithm (e.g., [18,21,31]). Application layer defenses generally make strong assumptions that are often unrealistic in practice, such as target websites implementing customized HTTP protocols [18] or only allowing attackers to observe traffic at a single Tor entry node [21,31]. These defenses provide less than 60% protection against DNN-based attacks such as DF and Var-CNN [7,65].…”

Section: Website Fingerprinting Defensesmentioning

confidence: 99%

“…These obfuscation-based defenses have been proven ineffective (< 60% protection) against DNN based attacks [7,65]. Other defenses have proposed randomizing HTTP requests [17] or scattering traffic redirection across different Tor nodes [21,31]. Again, these defenses provide poor protection against DNN-based attacks (<50% protection).…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Real-time Defense against Website Fingerprinting Attacks

Shan¹,

Bhagoji²,

Zheng³

et al. 2021

Preprint

View full text Add to dashboard Cite

Anonymity systems like Tor are vulnerable to Website Fingerprinting (WF) attacks, where a local passive eavesdropper infers the victim's activity. Current WF attacks based on deep learning classifiers have successfully overcome numerous proposed defenses. While recent defenses leveraging adversarial examples offer promise, these adversarial examples can only be computed after the network session has concluded, thus offer users little protection in practical settings.We propose Dolos, a system that modifies user network traffic in real time to successfully evade WF attacks. Dolos injects dummy packets into traffic traces by computing input-agnostic adversarial patches that disrupt deep learning classifiers used in WF attacks. Patches are then applied to alter and protect user traffic in real time. Importantly, these patches are parameterized by a user-side secret, ensuring that attackers cannot use adversarial training to defeat Dolos. We experimentally demonstrate that Dolos provides 94+% protection against state-of-the-art WF attacks under a variety of settings. Against prior defenses, Dolos outperforms in terms of higher protection performance and lower information leakage and bandwidth overhead. Finally, we show that Dolos is robust against a variety of adaptive countermeasures to detect or disrupt the defense.

show abstract

Section: Problem and Threat Modelsupporting

confidence: 66%

Section: Website Fingerprinting Defensesmentioning

confidence: 99%

See 1 more Smart Citation

A Real-time Defense against Website Fingerprinting Attacks

Shan¹,

Bhagoji²,

Zheng³

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…Traffic Splitting defenses defend against WF attacks by splitting traffic between multiple guard nodes so that any individual sub-trace reveals little information about the target web page. The TrafficSliver [18] and Multihoming [23] defenses both use traffic splitting, though their implementations are fairly different. In Multihoming, clients connect through two different access points (e.g.…”

Section: Website Fingerprinting Defensesmentioning

confidence: 99%

RegulaTor: A Straightforward Website Fingerprinting Defense

Holland

Hopper

2022

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Website Fingerprinting (WF) attacks are used by local passive attackers to determine the destination of encrypted internet traffic by comparing the sequences of packets sent to and received by the user to a previously recorded data set. As a result, WF attacks are of particular concern to privacy-enhancing technologies such as Tor. In response, a variety of WF defenses have been developed, though they tend to incur high bandwidth and latency overhead or require additional infrastructure, thus making them difficult to implement in practice. Some lighter-weight defenses have been presented as well; still, they attain only moderate effectiveness against recently published WF attacks. In this paper, we aim to present a realistic and novel defense, RegulaTor, which takes advantage of common patterns in web browsing traffic to reduce both defense overhead and the accuracy of current WF attacks. In the closed-world setting, RegulaTor reduces the accuracy of the state-of-the-art attack, Tik-Tok, against comparable defenses from 66% to 25.4%. To achieve this performance, it requires 6.6% latency overhead and a bandwidth overhead 39.3% less than the leading moderate-overhead defense. In the open-world setting, RegulaTor limits a precision-tuned Tik-Tok attack to an F 1-score of. 135, compared to .625 for the best comparable defense.

show abstract

“…The scale of tracking motivate re-designing systems to provide privacy guarantees. For example, multihoming can be used to defend against fingerprinting [38] and trusted hardware can ensure compliance to stated privacy policies [39].…”

Section: Privacy Practicesmentioning

confidence: 99%

Privacy Preference Signals: Past, Present and Future

Hils

Woods

Böhme

2021

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Privacy preference signals are digital representations of how users want their personal data to be processed. Such signals must be adopted by both the sender (users) and intended recipients (data processors). Adoption represents a coordination problem that remains unsolved despite efforts dating back to the 1990s. Browsers implemented standards like the Platform for Privacy Preferences (P3P) and Do Not Track (DNT), but vendors profiting from personal data faced few incentives to receive and respect the expressed wishes of data subjects. In the wake of recent privacy laws, a coalition of AdTech firms published the Transparency and Consent Framework (TCF), which defines an optin consent signal. This paper integrates post-GDPR developments into the wider history of privacy preference signals. Our main contribution is a high-frequency longitudinal study describing how TCF signal gained dominance as of February 2021. We explore which factors correlate with adoption at the website level. Both the number of third parties on a website and the presence of Google Ads are associated with higher adoption of TCF. Further, we show that vendors acted as early adopters of TCF 2.0 and provide two case-studies describing how Consent Management Providers shifted existing customers to TCF 2.0. We sketch ways forward for a pro-privacy signal.

show abstract

Protecting against Website Fingerprinting with Multihoming

Cited by 36 publications

References 47 publications

A Real-time Defense against Website Fingerprinting Attacks

A Real-time Defense against Website Fingerprinting Attacks

RegulaTor: A Straightforward Website Fingerprinting Defense

Privacy Preference Signals: Past, Present and Future

Contact Info

Product

Resources

About