Website Fingerprinting Defenses at the Application Layer

Cherubin, Giovanni; Hayes, Jamie; Juárez, Marc

doi:10.1515/popets-2017-0023

Cited by 65 publications

(68 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…These works have investigated both the selection of features (such as packet sizes, packet timings, direction of communication), as well as the design of classifiers (such as support vector machines, random forests, Naive Bayes) to make accurate predictions [10,29,35,36,37,45,46,53,60,66,67,73,88,89,93]. In response, several defense mechanisms have been proposed in the literature [11,12,15,63,90]. The common idea behind these defenses is to inject random delays and spurious cover traffic to perturb the traffic features and therefore obfuscate users' communications.…”

Section: Website Fingerprinting Attacks and Defencesmentioning

confidence: 99%

“…Because the attack observes the internal state of the target PC, rather than the network traffic. It offers the potential of overcoming traffic shaping, often proposed as a defense for website fingerprinting [11,12,15,63,90]. Similarly, the attack may be applicable in scenarios where network-based fingerprinting is known to be less effective, such as when the browser caches the contents of the website [36].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Website Fingerprinting Through the Cache Occupancy Channel and its Real World Practicality

Shusterman

Avraham

Croitoru

et al. 2020

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

Website fingerprinting attacks, which use statistical analysis on network traffic to compromise user privacy, have been shown to be effective even if the traffic is sent over anonymity-preserving networks such as Tor. The classical attack model used to evaluate website fingerprinting attacks assumes an on-path adversary, who can observe all traffic traveling between the user's computer and the secure network.In this work we investigate these attacks under a different attack model, in which the adversary is capable of sending a small amount of malicious JavaScript code to the target user's computer. The malicious code mounts a cache sidechannel attack, which exploits the effects of contention on the CPU's cache, to identify other websites being browsed. The effectiveness of this attack scenario has never been systematically analyzed, especially in the open-world model which assumes that the user is visiting a mix of both sensitive and non-sensitive sites.We show that cache website fingerprinting attacks in JavaScript are highly feasible. Specifically, we use machine learning techniques to classify traces of cache activity. Unlike prior works, which try to identify cache conflicts, our work measures the overall occupancy of the lastlevel cache. We show that our approach achieves high classification accuracy in both the open-world and the closedworld models. We further show that our attack is more resistant than network-based fingerprinting to the effects of response caching, and that our techniques are resilient both to network-based defenses and to side-channel countermeasures introduced to modern browsers as a response to the Spectre attack. To protect against cache-based website fingerprinting, new defense mechanisms must be introduced to privacy-sensitive browsers and websites. We investigate one such mechanism, and show that generating artificial cache activity reduces the effectiveness of the attack and completely eliminates it when used in the Tor Browser.

show abstract

Section: Website Fingerprinting Attacks and Defencesmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Website Fingerprinting Through the Cache Occupancy Channel and its Real World Practicality

Shusterman

Avraham

Croitoru

et al. 2020

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

show abstract

“…This is a limitation of our approach to countermeasures, but might be a limitation to website fingerprinting defenses in general, as large sites are easily identified by website fingerprinting attacks. However, we believe that our results can inform the design of application-layer defenses that alter websites in order to perturb site-level features [8]. This would allow to optimize existing application-layer defenses by focusing on the features that our site-level feature analysis has identified as most identifying, thus reducing the performance that these defenses incur in Tor.…”

Section: Limitations and Future Workmentioning

confidence: 90%

“…This substantially reduces the number of sites to consider when only targeting onion services, as the universe of onion services is orders of magnitude smaller than the web, which makes website fingerprinting attacks potentially effective in practice. In addition, onion services are used to host sensitive content such as whistleblowing platforms and activist blogs, making website fingerprinting attacks on this sites particularly attractive, and potentially very damaging [8]. For these reasons, we focus our analysis on onion services rather than the whole web.…”

Section: Introductionmentioning

confidence: 99%

How Unique is Your .onion?

Overdorf

Juárez

Acar

et al. 2017

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security

Self Cite

View full text Add to dashboard Cite

Recent studies have shown that Tor onion (hidden) service websites are particularly vulnerable to website fingerprinting attacks due to their limited number and sensitive nature. In this work we present a multi-level feature analysis of onion site fingerprintability, considering three state-of-the-art website fingerprinting methods and 482 Tor onion services, making this the largest analysis of this kind completed on onion services to date.Prior studies typically report average performance results for a given website fingerprinting method or countermeasure. We investigate which sites are more or less vulnerable to fingerprinting and which features make them so. We find that there is a high variability in the rate at which sites are classified (and misclassified) by these attacks, implying that average performance figures may not be informative of the risks that website fingerprinting attacks pose to particular sites.We analyze the features exploited by the different website fingerprinting methods and discuss what makes onion service sites more or less easily identifiable, both in terms of their traffic traces as well as their webpage design. We study misclassifications to understand how onion services sites can be redesigned to be less vulnerable to website fingerprinting attacks. Our results also inform the design of website fingerprinting countermeasures and their evaluation considering disparate impact across sites.

show abstract

“…Our paper includes these defenses for information leakage evaluation. We leave recently proposed defenses [9,48] in our future work.…”

Section: Related Workmentioning

confidence: 99%

Measuring Information Leakage in Website Fingerprinting Attacks and Defenses

Guo

Hopper

2018

Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security

View full text Add to dashboard Cite

Tor provides low-latency anonymous and uncensored network access against a local or network adversary. Due to the design choice to minimize traffic overhead (and increase the pool of potential users) Tor allows some information about the client's connections to leak. Attacks using (features extracted from) this information to infer the website a user visits are called Website Fingerprinting (WF) attacks. We develop a methodology and tools to measure the amount of leaked information about a website. We apply this tool to a comprehensive set of features extracted from a large set of websites and WF defense mechanisms, allowing us to make more fine-grained observations about WF attacks and defenses. CCS CONCEPTS• Security and privacy → Web protocol security;

show abstract

Website Fingerprinting Defenses at the Application Layer

Cited by 65 publications

References 16 publications

Website Fingerprinting Through the Cache Occupancy Channel and its Real World Practicality

Website Fingerprinting Through the Cache Occupancy Channel and its Real World Practicality

How Unique is Your .onion?

Measuring Information Leakage in Website Fingerprinting Attacks and Defenses

Contact Info

Product

Resources

About