A novel attack to track users based on the behavior patterns

Currently, people around the world daily use the Internet to access various services, such as e‐mail and online shopping. However, the behavior‐based tracking attacks have posed a considerable threat to users' privacy. Relying on characteristic patterns within the Internet activities, this attack can link a user's multiple sessions. In this paper, we investigate the behavior‐based tracking attack and propose some countermeasures to mitigate the threat. We preprocess the raw traffic data and then extract features ranging from lower layer network packets to high‐level application‐related traffic. Specifically, we focus on four types of application‐level traffic to infer users' habits, including HTTP, IM, e‐mail, and P2P. In addition, we extract the web queries entered into shopping websites and classify them to infer users' preferences. Then, we construct the preference models and propose an improved method. For evaluation, we collect traffic in the real‐world environment to construct a large‐scale dataset. Five hundred and nine users are selected in terms of the user's active degree. When the term frequency–inverse document frequency transformation is used, the improved method can identify an average of 93.79% instances correctly. Our extensive empirical experiments demonstrate the effectiveness and efficiency of our approaches. Finally, we discuss and evaluate several countermeasures. Copyright © 2016 John Wiley & Sons, Ltd.

[1]  Bernhard E. Boser,et al.  A training algorithm for optimal margin classifiers , 1992, COLT '92.

[2]  Vashek Matyas,et al.  User Profiling and Re-identification: Case of University-Wide Network Analysis , 2009, TrustBus.

[3]  Andrei Z. Broder,et al.  Robust classification of rare queries using web knowledge , 2007, SIGIR.

[4]  Hannes Federrath,et al.  Behavior-based tracking: Exploiting characteristic patterns in DNS traffic , 2013, Comput. Secur..

[5]  Peter Teufl,et al.  User Tracking Based on Behavioral Fingerprints , 2010, CANS.

[6]  Ming Yang,et al.  A novel Website Fingerprinting attack against multi-tab browsing behavior , 2015, 2015 IEEE 19th International Conference on Computer Supported Cooperative Work in Design (CSCWD).

[7]  Sebastian Abt,et al.  A Small Data Approach to Identification of Individuals on the Transport Layer using Statistical Behaviour Templates , 2014, SIN.

[8]  Brijesh Joshi,et al.  Touching from a distance: website fingerprinting attacks and defenses , 2012, CCS.

[9]  George M. Mohay,et al.  Mining e-mail content for author identification forensics , 2001, SGMD.

[10]  Damon L. Woodard,et al.  Biometric Authentication and Identification using Keystroke Dynamics: A Survey , 2012 .

[11]  Hannes Federrath,et al.  Tracking Users on the Internet with Behavioral Patterns: Evaluation of Its Practical Feasibility , 2012, SEC.

[12]  Hinrich Schütze,et al.  Introduction to information retrieval , 2008 .

[13]  Hannes Federrath,et al.  Analyzing Characteristic Host Access Patterns for Re-identification of Web User Sessions , 2010, NordSec.

[14]  Haining Wang,et al.  An efficient user verification system via mouse movements , 2011, CCS '11.

[15]  Junzhou Luo,et al.  Online Identification of Tor Anonymous Communication Traffic: Online Identification of Tor Anonymous Communication Traffic , 2014 .

[16]  Claude Castelluccia,et al.  Selling Off Privacy at Auction , 2014, NDSS 2014.

[17]  Carla E. Brodley,et al.  User re-authentication via mouse movements , 2004, VizSEC/DMSEC '04.

[18]  Yinghui Yang,et al.  Web user behavioral profiling for user identification , 2010, Decis. Support Syst..

[19]  Stefano Giordano,et al.  On Multi-gigabit Packet Capturing with Multi-core Commodity Hardware , 2012, PAM.

[20]  Peter Eckersley,et al.  How Unique Is Your Web Browser? , 2010, Privacy Enhancing Technologies.

[21]  อนิรุธ สืบสิงห์,et al.  Data Mining Practical Machine Learning Tools and Techniques , 2014 .

[22]  Jie Tang,et al.  ACTPred: Activity prediction in mobile social networks , 2014, Tsinghua Science and Technology.

[23]  Zhiyuan Liu,et al.  Portraying user life status from microblogging posts , 2013 .

[24]  Ming Yang,et al.  De-anonymizing and countermeasures in anonymous communication networks , 2015, IEEE Communications Magazine.

[25]  John C. Mitchell,et al.  Third-Party Web Tracking: Policy and Technology , 2012, 2012 IEEE Symposium on Security and Privacy.