Proceedings 2016 Network and Distributed System Security Symposium 2016
DOI: 10.14722/ndss.2016.23477
|View full text |Cite
|
Sign up to set email alerts
|

Website Fingerprinting at Internet Scale

Abstract: Abstract-The website fingerprinting attack aims to identify the content (i.e., a webpage accessed by a client) of encrypted and anonymized connections by observing patterns of data flows such as packet size and direction. This attack can be performed by a local passive eavesdropper -one of the weakest adversaries in the attacker model of anonymization networks such as Tor.In this paper, we present a novel website fingerprinting attack. Based on a simple and comprehensible idea, our approach outperforms all sta… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

3
389
0

Year Published

2017
2017
2021
2021

Publication Types

Select...
4
2
1

Relationship

1
6

Authors

Journals

citations
Cited by 416 publications
(424 citation statements)
references
References 21 publications
3
389
0
Order By: Relevance
“…The latest attacks against Tor achieve more than 90% accuracy in a closed-world of websites, where the attacker is assumed to have samples for all the websites a target user may visit [5,11,20,30,31]. This assumption is unrealistically advantageous for the attacker [14] and a recent study has shown that the attack does not scale to large open-worlds [20].…”
Section: Attacksmentioning
confidence: 99%
See 2 more Smart Citations
“…The latest attacks against Tor achieve more than 90% accuracy in a closed-world of websites, where the attacker is assumed to have samples for all the websites a target user may visit [5,11,20,30,31]. This assumption is unrealistically advantageous for the attacker [14] and a recent study has shown that the attack does not scale to large open-worlds [20].…”
Section: Attacksmentioning
confidence: 99%
“…This assumption is unrealistically advantageous for the attacker [14] and a recent study has shown that the attack does not scale to large open-worlds [20]. However, the .onion space is significantly smaller than the Web and may be feasible for an adversary to train on a substantial fraction of all .onion websites.…”
Section: Attacksmentioning
confidence: 99%
See 1 more Smart Citation
“…Also outside our scope are connection-level features that can divulge indications of the server involved in the connection, such as have been used in TCP fingerprinting (e.g., [17]), TLS fingerprinting (e.g., [26]), or website fingerprinting (e.g., [13,31,39]). Such features include the number of servers to which the client connects, the timing connections to relative to one another, connection volume patterns, etc.…”
Section: Securitymentioning
confidence: 99%
“…While we have made initial steps to support per-connection trafficanalysis defense (Appendix A), that defense does not immediately address traffic analysis based on aggregates of connections, e.g., the number of servers to which connections are made or the relative timings of these connections. Defending against this type of attack remains a very active area of research independent of our proposal (e.g., [13,14,31,39]). …”
Section: Scope Of Defensementioning
confidence: 99%