Website Fingerprinting Attack Mitigation Using Traffic Morphing

Website fingerprinting attacks attempt to identify the website visited in anonymized and encrypted network traffic, that is, even if a user is using Tor and HTTPS. These attacks have been shown to be effective. Mitigations have been proposed which decreased the accuracy of the attacks from about 90% to about 20%. We propose a new mitigation technique based on traffic morphing and clustering. The intuition is that a lot of websites, by nature, are similar and can be clustered together. It is then easier and more efficient to make that whole cluster look exactly the same by using traffic morphing, rather than adding noise to make all websites look similar. All the websites in a cluster, thus, would become indistinguishable. There are many ways to perform traffic morphing. As a proof of concept, we used biggest, which means that all websites in a cluster will look exactly like the biggest website (in terms of network packet size) of that cluster. In simulating our proposed approach, the fingerprinting accuracy dropped from 70% to less than 1%.

[1]  Rachel Greenstadt,et al.  How Unique is Your .onion?: An Analysis of the Fingerprintability of Tor Onion Services , 2017, CCS.

[2]  Thomas Engel,et al.  Website fingerprinting in onion routing based anonymization networks , 2011, WPES.

[3]  George Danezis,et al.  k-fingerprinting: A Robust Scalable Website Fingerprinting Technique , 2015, USENIX Security Symposium.

[4]  Rachel Greenstadt,et al.  A Critical Evaluation of Website Fingerprinting Attacks , 2014, CCS.

[5]  Brijesh Joshi,et al.  Touching from a distance: website fingerprinting attacks and defenses , 2012, CCS.

[6]  Brian Neil Levine,et al.  Inferring the source of encrypted HTTP connections , 2006, CCS '06.

[7]  Nikita Borisov,et al.  Website Detection Using Remote Traffic Analysis , 2011, Privacy Enhancing Technologies.

[8]  David D. Jensen,et al.  Privacy Vulnerabilities in Encrypted HTTP Streams , 2005, Privacy Enhancing Technologies.

[9]  Andrew Hintz,et al.  Fingerprinting Websites Using Traffic Analysis , 2002, Privacy Enhancing Technologies.

[10]  Hannes Federrath,et al.  Website fingerprinting: attacking popular privacy enhancing technologies with the multinomial naïve-bayes classifier , 2009, CCSW '09.

[11]  Tao Wang,et al.  Walkie-Talkie: An Efficient Defense Against Passive Website Fingerprinting Attacks , 2017, USENIX Security Symposium.

[12]  Tao Wang,et al.  Effective Attacks and Provable Defenses for Website Fingerprinting , 2014, USENIX Security Symposium.

[13]  Mun Choon Chan,et al.  Website Fingerprinting and Identification Using Ordered Feature Sequences , 2010, ESORICS.

[14]  Charles V. Wright,et al.  Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis , 2009, NDSS.

[15]  Tao Wang,et al.  Improved website fingerprinting on Tor , 2013, WPES.

[16]  Mike Perry,et al.  Toward an Efficient Website Fingerprinting Defense , 2015, ESORICS.

[17]  Klaus Wehrle,et al.  Website Fingerprinting at Internet Scale , 2016, NDSS.

[18]  Xiang Cai,et al.  Glove: A Bespoke Website Fingerprinting Defense , 2014, WPES.

[19]  Tao Wang,et al.  On Realistically Attacking Tor with Website Fingerprinting , 2016, Proc. Priv. Enhancing Technol..

[20]  Xiang Cai,et al.  CS-BuFLO: A Congestion Sensitive Website Fingerprinting Defense , 2014, WPES.

[21]  Stefan Mangard,et al.  Exploiting Data-Usage Statistics for Website Fingerprinting Attacks on Android , 2016, WISEC.

[22]  Tao Wang,et al.  A Systematic Approach to Developing and Evaluating Website Fingerprinting Defenses , 2014, CCS.