ABSTRACT
Website fingerprinting attacks have recently emerged as a serious threat against web browsing privacy mechanisms, such as SSL, Tor, and encrypting tunnels. Researchers have proposed numerous attacks and defenses, and the Tor project currently includes both network- and browser-level defenses against these attacks, but published defenses have high overhead, poor security, or both.
In this paper we present preliminary results of {Glove}, a new SSH based defense. Glove is based on the observation that current defenses are expensive not because website traces are different, but because the defense, operating blindly, does not know how to add cover traffic and therefore, puts it everywhere. Instead, Glove uses existing knowledge of a websites traces to add cover traffic conservatively while maintaining high levels of security. Further, Glove satisfies the information theoretic definitions of security defined in prior work -- i.e., it is resistant to any fingerprinting adversary. Our simulations show that Glove performs better than all currently proposed SSH based defenses in terms of the security-overhead trade-off.
- Donald J Berndt and James Clifford. Using dynamic time warping to find patterns in time series. In KDD workshop, 1994.Google ScholarDigital Library
- Xiang Cai, Rishab Nithyanand, and Rob Johnson. Cs-buflo: A congestion sensitive website fingerprinting defense. In WPES, 2014. Google ScholarDigital Library
- Xiang Cai, Rishab Nithyanand, Tao Wang, Rob Johnson, and Ian Goldberg. A systematic approach to developing and evaluating website fingerprinting defenses. In ACM CCS, 2014. Google ScholarDigital Library
- Kevin P. Dyer, Scott E. Coull, Thomas Ristenpart, and Thomas Shrimpton. Peek-a-boo, i still see you: Why efficient traffic analysis countermeasures fail. In IEEE Security and Privacy, 2012. Google ScholarDigital Library
- Leonard Kaufman and Peter Rousseeuw. Clustering by means of medoids. Statistical Data Analysis Based on the L1-Norm and Related Methods, 1987.Google Scholar
- Gonzalo Navarro. A guided tour to approximate string matching. ACM Comput. Surv., 33:31--88, March 2001. Google ScholarDigital Library
- Charles V. Wright, Scott E. Coull, and Fabian Monrose. Traffic morphing: An efficient defense against statistical traffic analysis. In NDSS, 2009.Google Scholar
Index Terms
- Glove: A Bespoke Website Fingerprinting Defense
Recommendations
Deep Fingerprinting: Undermining Website Fingerprinting Defenses with Deep Learning
CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications SecurityWebsite fingerprinting enables a local eavesdropper to determine which websites a user is visiting over an encrypted connection. State-of-the-art website fingerprinting attacks have been shown to be effective even against Tor. Recently, lightweight ...
A Systematic Approach to Developing and Evaluating Website Fingerprinting Defenses
CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications SecurityFingerprinting attacks have emerged as a serious threat against privacy mechanisms, such as SSL, Tor, and encrypting tunnels. Researchers have proposed numerous attacks and defenses, and the Tor project now includes both network- and browser-level ...
DynaFlow: An Efficient Website Fingerprinting Defense Based on Dynamically-Adjusting Flows
WPES'18: Proceedings of the 2018 Workshop on Privacy in the Electronic SocietyWebsite fingerprinting attacks enable a local adversary to determine which website a Tor user visits. In recent years, several researchers have proposed defenses to counter these attacks. However, these defenses have shortcomings: many do not provide ...
Comments