Abstract
Anonymity protocols are employed to establish encrypted tunnels to protect the privacy of Internet users from traffic analysis attacks. However, the attackers strive to infer some traffic patterns’ characteristics (e.g. packet directions, packet sizes, inter-packet timing, etc.) in order to expose the identities of Internet users and their activities. A recent and popular traffic analysis attack is called website fingerprinting which reveals the identity of websites visited by target users. Existing work in the literature studied the website fingerprinting attack using a single web browser, namely Firefox. In this paper we propose a unified traffic analysis attack model composed of a sequence of phases that demonstrate the efficiency of website fingerprinting attack using popular web browsers under Tor (The Onion Router). In addition, we reveal the main factors that affect the accuracy of website fingerprinting attack over Tor anonymous system and using different browsers. To the best of our knowledge, no previous study uncovered such factors by deploying real-world traffic analysis attack utilizing the top five web browsers. The outcomes of the research are very relevant to Internet users (individuals/companies/governments) since they allow to assess to which extent their privacy is preserved in presence of traffic analysis attacks, in particular, website fingerprinting over different browsers. A recommendation for future research direction regarding the investigation of website fingerprinting over different scenarios is also provided.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.References
Dingledine, R., Mathewson, N., Syverson, P.: Tor: the second-generation onion router. Naval Research Lab, Washington DC (2004)
Berthold, O., Federrath, H., Köpsell, S.: Web MIXes: a system for anonymous and unobservable Internet access. In: Designing privacy enhancing technologies, pp. 115–129. Springer, New York (2001)
Warren, S.D., Brandeis, L.D.: The right to privacy. Harvard Law Rev. 4, 193–220 (1890)
Clarke, R.: Internet privacy concerns confirm the case for intervention. Commun. ACM 42(2), 60–67 (1999)
Culnan, M.J.: “How Did They Get My Name?”: an exploratory investigation of consumer attitudes toward secondary information use. MIS Q. 341–363 (1993)
Chung, W., Paynter, J.: Privacy issues on the Internet. In: System Sciences. HICSS. Proceedings of the 35th Annual Hawaii International Conference on 2002, p. 9 pp. IEEE (2002)
Hintz, A.: Fingerprinting websites using traffic analysis. In: International Workshop on Privacy Enhancing Technologies, pp. 171–178. Springer (2002)
Tor: The Second-Generation Onion Router. http://oai.dtic.mil/oai/oai?&verb=getRecord&metadataPrefix=html&identifier=ADA465464 (2017)
Bissias, G.D., Liberatore, M., Jensen, D., Levine, B.N.: Privacy vulnerabilities in encrypted HTTP streams. In: International Workshop on Privacy Enhancing Technologies, pp. 1–11. Springer (2005)
Panchenko, A., Niessen, L., Zinnen, A., Engel, T.: Website fingerprinting in onion routing based anonymization networks. In: Proceedings of the 10th annual ACM workshop on Privacy in the electronic society, pp. 103–114. ACM (2011)
Al-Shehari, T., Shahzad, F.: Improving Operating system fingerprinting using machine learning techniques. Int. J. Comput. Theor. Eng. 6(1), 57 (2014)
Herrmann, D., Wendolsky, R., Federrath, H.: Website fingerprinting: attacking popular privacy enhancing technologies with the multinomial naïve-bayes classifier. In: Proceedings of the 2009 ACM workshop on Cloud computing security, pp. 31–42. ACM (2009)
Cai, X., Zhang, X.C., Joshi, B., Johnson, R.: Touching from a distance: Website fingerprinting attacks and defenses. In: Proceedings of the 2012 ACM conference on Computer and communications security, pp. 605–616. ACM (2012)
Craven, R.M.: Traffic analysis of anonymity systems. Clemson University, Clemson (2010)
Tor project: Anonymity Online. https://www.torproject.org. (2017)
Pfitzmann, A., Köhntopp, M.: Anonymity, unobservability, and pseudonymity—a proposal for terminology. In: Designing privacy enhancing technologies, pp. 1–9. Springer, New York (2001)
Chaum, D.L.: Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM 24(2), 84–90 (1981)
Möller, U., Cottrell, L., Palfrader, P., Sassaman, L.: Mixmaster protocol—version 2. Draft, July 154, 28 (2003)
Mathewson, N., Dingledine, R.: Practical traffic analysis: Extending and resisting statistical disclosure. In: Privacy Enhancing Technologies, pp. 17–34. Springer, New York (2004)
Berthold, O., Hannes, F., Stefan, K.: Web MIXes: A system for anonymous and unobservable Internet access. In: Designing privacy enhancing technologies. Springer, Berlin, Heidelberg (2001)
Zantout, B., Haraty, R.: I2P data communication system. In: Proceedings of ICN, pp. 401–409 (2011)
Bielova, N.: Survey on JavaScript security policies and their enforcement mechanisms in a web browser. J. Logic Algebr. Progr. 82(8), 243–262 (2013)
Garsiel, T., Irish, P.: How browsers work: Behind the scenes of modern web browsers. Google Project, August (2011)
Liberatore, M., Levine, B.N.: Inferring the source of encrypted HTTP connections. In: Proceedings of the 13th ACM conference on Computer and communications security, pp. 255–263. ACM (2006)
Shi, Y., Matsuura, K.: Fingerprinting Attack on the Tor Anonymity System. In: ICICS, pp. 425–438. Springer, New York (2009)
Wang, T., Goldberg, I.: Improved website fingerprinting on tor. In: Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society, pp. 201–212. ACM (2013)
Zhioua, S.: The web browser factor in traffic analysis attacks. Secur. Commun. Netw. 8(18), 4227–4241 (2015)
Fuchs, C., Boersma, K., Albrechtslund, A., Sandoval, M.: Internet and surveillance: The challenges of Web 2.0 and social media, vol. 16. Routledge, (2013)
Abu-Amara, M.: A combined solution for the Internet access denial caused by malicious Internet service providers. Secur. Commun. Netw. 7(11), 2078–2093 (2014)
Lyon, D.: Surveillance after September 11, vol. 11. Polity, (2003)
Zhang, Y., Su, S., Wang, Y., Chen, W., Yang, F.: Privacy-assured substructure similarity query over encrypted graph-structured data in cloud. Secur. Commun. Netw. 7(11), 1933–1944 (2014)
Johnson, A., Wacek, C., Jansen, R., Sherr, M., Syverson, P.: Users get routed: Traffic correlation on Tor by realistic adversaries. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & communications security, pp. 337–348. ACM (2013)
Navarro, G.: A guided tour to approximate string matching. ACM Comput. Surv. (CSUR) 33(1), 31–88 (2001)
Gehrig, A.P.: Detection of spoofing of remote client system information. In. Google Patents, (2015)
Browserscope: How Does Your Browser Compare? http://www.browserscope.org/. (2017)
Browser testing on BrowserStack. https://www.caniuse.com/. (2017)
Internet Explorer Dev. Center: Asynchronous script execution. http://msdn.microsoft.com/en-us/library/ie/hh673524. (2017)
Ihrig, C.: Profiling Page Loads with the Navigation Timing API. (1 September 2012). (2017)
Crowley, M.: Pro Internet Explorer 8 & 9 Development: Developing Powerful Applications for the Next Generation of IE. Apress, New York (2011)
Wang, W., Motani, M., Srinivasan, V.: Dependent link padding algorithms for low latency anonymity systems. In: Proceedings of the 15th ACM conference on Computer and communications security, pp. 323–332. ACM (2008)
Butkiewicz, M., Madhyastha, H.V., Sekar, V.: Understanding website complexity: measurements, metrics, and implications. In: Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference, pp. 313–328. ACM (2011)
Akhawe, D., Felt, A.P.: Alice in Warningland: A Large-Scale Field Study of Browser Security Warning Effectiveness. In: USENIX security symposium (2013)
Barker, T.: What is Performance. In: Pro JavaScript Performance. pp. 1–12. Springer, New York (2012)
Guha, A., Fredrikson, M., Livshits, B., Swamy, N.: Verified security for browser extensions. In: Security and Privacy (SP), IEEE Symposium on 2011, pp. 115–130. IEEE (2011)
Holland, M.C.: Assessment of content delivery services using performance measurements from within an end user client application. In. Google Patents, (2017)
Dutton, S.: “Measuring Page Load Speed with Navigation Timing - HTML5 Rocks.” HTML5 Rocks - A Resource for Open Web HTML5 Developers, Creative Commons Attribution 3.0 License (2011). https://www.html5rocks.com/en/tutorials/webperformance/basics/
Rainie, L., et al:. “Anonymity, Privacy, and Security Online.” Pew Research Center: Internet, Science & Tech. (2013). https://www.pewinternet.org/2013/09/05/anonymity-privacy-and-security-online/
StatCounter Global Stats. http://gs.statcounter.com/. (2017)
Okazaki, N., Toyoda, K., Yokoyama, E., So, H., Katayama, T., Park, M.: Countermeasure against fingerprinting attack in Tor by separated contents retrieval. IEICE Commun. Express 4(12), 370–375 (2015)
Yang, Q., Gasti, P., Zhou, G., Farajidavar, A., Balagani, K.S.: On inferring browsing activity on smartphones via USB power analysis side-channel. IEEE Trans. Inf. Forensics Secur. 12(5), 1056–1066 (2017)
Gu, X., Yang, M., Luo, J.: A novel website fingerprinting attack against multi-tab browsing behavior. In: Computer Supported Cooperative Work in Design (CSCWD), IEEE 19th International Conference on 2015, pp. 234–239. IEEE (2015)
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Al-Shehari, T., Zhioua, S. An empirical study of web browsers’ resistance to traffic analysis and website fingerprinting attacks. Cluster Comput 21, 1917–1931 (2018). https://doi.org/10.1007/s10586-018-2817-4
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10586-018-2817-4