Fingerprinting Websites Using Traffic Analysis

  • Andrew Hintz
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2482)


I present a traffic analysis based vulnerability in Safe Web, an encrypting web proxy. This vulnerability allows someone monitoring the traffic of a Safe Web user to determine if the user is visiting certain websites. I also describe a successful implementation of the attack. Finally, I discuss methods for improving the attack and for defending against the attack.


Chinese Government Exact Match Traffic Analysis Extra Data News Site 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bruce Schneier, Applied Cryptography (New York: Wiley and Sons, 1996) 219.Google Scholar
  2. 2.
  3. 3.
    David Martin and Andrew Schulman, Deanonymizing Users of the Safe Web Anonymizing Service, Technical Report 2002-003, Boston University Computer Science Department, February 2002. To appear in Proceedings of the 11th USENIX Security Symposium, August 2002.Google Scholar
  4. 4.
  5. 5.
    Steve Friess, ”China Re-Blocks News Sites,” Wired News,1283,47121,00.html
  6. 6.
    SafeWeb PrivaSec Alliance Press Release, August 14, 2001,
  7. 7.
    D. Song, D. Wagner, and X. Tian, Timing Analysis of Keystrokes and SSH Timing Attacks (10th USENIX Security Symposium, 2001) 2–3.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Andrew Hintz
    • 1
  1. 1.The University of Texas at AustinUSA

Personalised recommendations