Advertisement

Effective defense against fingerprinting attack based on autocorrelation property minimization approach

  • Hojjat Jahani
  • Saeed JaliliEmail author
Article
  • 14 Downloads

Abstract

The website fingerprinting attack is one of the most important traffic analysis attacks that is able to identify a visited website in an anonymizing network such as Tor. It is shown that the existing defense methods against website fingerprinting attacks are inappropriate. In addition, they use large bandwidth and time overhead. In this study, we show that the autocorrelation property is the most important success factor of the website fingerprinting attack. We offer a new effective defense model to resolve this security vulnerability of the Tor anonymity network. The proposed defense model prevents information leakage from the passing traffic. In this regard, a novel mechanism is developed to make the traffic analysis a hard task. This mechanism is based on decreasing the entropy of instances by minimizing the autocorrelation property of them. By applying the proposed defense model, the accuracy of the most effective website fingerprinting attack reduces from 98% to the lowest success rate of the website fingerprinting attack, while the maximum bandwidth overhead of the network traffic remains on about 8%. Recall that the current best defense mechanisms reduce the accuracy of the attack to 23% with a minimum bandwidth overhead of more than 44%. Hence, the proposed defense model significantly reduces the accuracy of the website fingerprinting attack, while the bandwidth overhead increases very slightly (i.e., up to 8%).

Keywords

Anonymity network Tor Fingerprinting attack Defense model Autocorrelation property 

Notes

References

  1. Cai, X., Zhang, X.C., Joshi, B., Johnson, R. (2012). Touching from a distance: Website fingerprinting attacks and defenses. In: Proceedings of the 2012 ACM conference on Computer and communications security, pp 605–616.Google Scholar
  2. Cai, X., Nithyanand, R., Johnson, R. (2014). Cs-buflo: A congestion sensitive website fingerprinting defense. In: Proceedings of the 13th workshop on privacy in the electronic society, pp. 121–130.Google Scholar
  3. Cai, X., Nithyanand, R., Wang, T., Johnson, R., Goldberg, I. (2014). A systematic approach to developing and evaluating website fingerprinting defenses. In: Proceedings of the 2014 ACM SIGSAC conference on computer and communications security, pp. 227–238.Google Scholar
  4. Cherubin, G., Hayes, J., Juarez, M. (2017). Website fingerprinting defenses at the application layer. Proceedings on Privacy Enhancing Technologies, 2017, 186–203.CrossRefGoogle Scholar
  5. Dingledine, R., Mathewson, N., Syverson, P. (2004). Tor: The second-generation onion router, DTIC Document.Google Scholar
  6. Dingledine, R., Mathewson, N., Syverson, P. (2008). Tor: anonymity online, ed,.Google Scholar
  7. Dyer, K.P., Coull, S.E., Ristenpart, T., Shrimpton, T. (2012). Peek-a-boo, i still see you: Why efficient traffic analysis countermeasures fail. In: 2012 IEEE symposium on security and privacy, pp. 332–346.Google Scholar
  8. Golomb, S.W. (1967). Shift register sequences. Aegean Park Press.Google Scholar
  9. Gu, X., Yang, M., Luo, J. (2015). A novel Website Fingerprinting attack against multi-tab browsing behavior. In: 2015 IEEE 19th international conference on computer supported cooperative work in design (CSCWD), pp. 234–239.Google Scholar
  10. Hayes, J., & Danezis, G. (2016). k-fingerprinting: A robust scalable website fingerprinting technique. In: USENIX security symposium, pp 1187–1203.Google Scholar
  11. He, G., Yang, M., Gu, X., Luo, J., Ma, Y. (2014). A novel active website fingerprinting attack against Tor anonymous system. In: Proceedings of the 2014 IEEE 18th international conference on computer supported cooperative work in design (CSCWD), pp. 112–117.Google Scholar
  12. Herrmann, D., Wendolsky, R., Federrath, H. (2009). Website fingerprinting: attacking popular privacy enhancing technologies with the multinomial naïve-bayes classifier. In: Proceedings of the 2009 ACM workshop on Cloud computing security, pp. 31–42.Google Scholar
  13. Hintz, A. (2002). Fingerprinting websites using traffic analysis. In: International workshop on privacy enhancing technologies, pp. 171–178.Google Scholar
  14. Jahani, H., & Jalili, S. (2016). A novel passive website fingerprinting attack on tor using fast fourier transform. Computer Communications, 96, 43–51.CrossRefGoogle Scholar
  15. Juarez, M., Afroz, S., Acar, G., Diaz, C., Greenstadt, R. (2014). A critical evaluation of website fingerprinting attacks. In: Proceedings of the 2014 ACM SIGSAC conference on computer and communications security, pp 263–274.Google Scholar
  16. Juarez, M., Imani, M., Diaz, C., Perry, M., Wright, M. (2016). Toward an efficient website fingerprinting defense for Tor. In: Lecture notes in computer science, pp. 27–46.Google Scholar
  17. Luo, X., Zhou, P., Chan, E.W., Lee, W., Chang, R.K., Perdisci, R. (2011). HTTPOS: Sealing information leaks with browser-side obfuscation of encrypted flows. In: NDSS.Google Scholar
  18. Murdoch, S.J., & Zieliski, P. (2007). Sampled traffic analysis by internet-exchange-level adversaries. In: International workshop on privacy enhancing technologies, 167–183.Google Scholar
  19. Panchenko, A., Lanze, F., Pennekamp, J., Engel, T., Zinnen, A., Henze, M., et al. (2016). Website fingerprinting at internet scale. In: NDSS.Google Scholar
  20. Panchenko, A., Niessen, L., Zinnen, A., Engel, T. (2011). Website fingerprinting in onion routing based anonymization networks. In: Proceedings of the 10th annual ACM workshop on Privacy in the electronic society, pp. 103–114.Google Scholar
  21. Perry, M. (2011). Experimental defense for website traffic fingerprinting, Tor project Blog.” https://blog.torproject.org/blog/experimental-defense-website-traffic-fingerprinting.
  22. Shi, Y., & Matsuura, K. (2009). Fingerprinting attack on the tor anonymity system. In: Information and communications security, ed: Springer, pp. 425–438.Google Scholar
  23. Sun, Q., Simon, D.R., Wang, Y.-M., Russell, W., Padmanabhan, V.N., Qiu, L. (2002). Statistical identification of encrypted web browsing traffic. In: Proceedings IEEE symposium, security and privacy, pp. 19-30.Google Scholar
  24. Wang, T., Cai, X., Nithyanand, R., Johnson, R., Goldberg, I. (2014). Effective attacks and provable defenses for website fingerprinting. In: 23rd USENIX Security Symposium (USENIX Security 14), pp. 143–157.Google Scholar
  25. Wang, T., & Goldberg, I. (2013). Improved website fingerprinting on tor. In: Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society, pp. 201–212.Google Scholar
  26. Wang, T., & Goldberg, I. (2014). Comparing website fingerprinting attacks and defenses, Technical Report 2013-30, CACR, 2013. http://cacr.uwaterloo.ca/techreports/2013/cacr2013-30.pdf.
  27. Wang, T., & Goldberg, I. (2015). Walkie-talkie: An effective and efficient defense against website fingerprinting.Google Scholar
  28. Wright, C.V., Coull, S.E., Monrose, F. (2009). Traffic morphing: An efficient defense against statistical traffic analysis. In: NDSS.Google Scholar
  29. Zhu, Y., Fu, X., Graham, B., Bettati, R., Zhao, W. (2005). On flow correlation attacks and countermeasures in mix networks. In: Privacy enhancing technologies, pp. 207–225.Google Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2019

Authors and Affiliations

  1. 1.Computer Engineering Department, Electrical and Computer Engineering FacultyTarbiat Modares UniversityTehranIran

Personalised recommendations