Toward an Efficient Website Fingerprinting Defense

  • Marc Juarez
  • Mohsen Imani
  • Mike Perry
  • Claudia Diaz
  • Matthew Wright
Conference paper

DOI: 10.1007/978-3-319-45744-4_2

Part of the Lecture Notes in Computer Science book series (LNCS, volume 9878)
Cite this paper as:
Juarez M., Imani M., Perry M., Diaz C., Wright M. (2016) Toward an Efficient Website Fingerprinting Defense. In: Askoxylakis I., Ioannidis S., Katsikas S., Meadows C. (eds) Computer Security – ESORICS 2016. ESORICS 2016. Lecture Notes in Computer Science, vol 9878. Springer, Cham

Abstract

Website Fingerprinting attacks enable a passive eavesdropper to recover the user’s otherwise anonymized web browsing activity by matching the observed traffic with prerecorded web traffic templates. The defenses that have been proposed to counter these attacks are impractical for deployment in real-world systems due to their high cost in terms of added delay and bandwidth overhead. Further, these defenses have been designed to counter attacks that, despite their high success rates, have been criticized for assuming unrealistic attack conditions in the evaluation setting. In this paper, we propose a novel, lightweight defense based on Adaptive Padding that provides a sufficient level of security against website fingerprinting, particularly in realistic evaluation conditions. In a closed-world setting, this defense reduces the accuracy of the state-of-the-art attack from 91 % to 20 %, while introducing zero latency overhead and less than 60 % bandwidth overhead. In an open-world, the attack precision is just 1 % and drops further as the number of sites grows.

Keywords

Privacy Anonymous communications Website Fingerprinting 

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Marc Juarez
    • 1
  • Mohsen Imani
    • 2
  • Mike Perry
    • 3
  • Claudia Diaz
    • 1
  • Matthew Wright
    • 2
  1. 1.KU Leuven, ESAT/COSIC and iMindsLeuvenBelgium
  2. 2.The University of Texas at ArlingtonArlingtonUSA
  3. 3.The Tor ProjectSeattleUSA

Personalised recommendations