Website fingerprinting attacks have recently emerged as a serious threat against web browsing privacy mechanisms, such as SSL, Tor, and encrypting tunnels. Researchers have proposed numerous attacks and defenses, and the Tor project currently includes both network- and browser-level defenses against these attacks, but published defenses have high overhead, poor security, or both. In this paper we present preliminary results of {Glove}, a new SSH based defense. Glove is based on the observation that current defenses are expensive not because website traces are different, but because the defense, operating blindly, does not know how to add cover traffic and therefore, puts it everywhere. Instead, Glove uses existing knowledge of a websites traces to add cover traffic conservatively while maintaining high levels of security. Further, Glove satisfies the information theoretic definitions of security defined in prior work -- i.e., it is resistant to any fingerprinting adversary. Our simulations show that Glove performs better than all currently proposed SSH based defenses in terms of the security-overhead trade-off.
[1]
Charles V. Wright,et al.
Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis
,
2009,
NDSS.
[2]
Gonzalo Navarro,et al.
A guided tour to approximate string matching
,
2001,
CSUR.
[3]
Peter J. Rousseeuw,et al.
Clustering by means of medoids
,
1987
.
[4]
Donald J. Berndt,et al.
Using Dynamic Time Warping to Find Patterns in Time Series
,
1994,
KDD Workshop.
[5]
Tao Wang,et al.
A Systematic Approach to Developing and Evaluating Website Fingerprinting Defenses
,
2014,
CCS.
[6]
Xiang Cai,et al.
CS-BuFLO: A Congestion Sensitive Website Fingerprinting Defense
,
2014,
WPES.
[7]
Thomas Ristenpart,et al.
Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail
,
2012,
2012 IEEE Symposium on Security and Privacy.