research-article

Towards an Efficient Defense against Deep Learning based Website Fingerprinting

Authors:

Xinwen FuAuthors Info & Claims

IEEE INFOCOM 2022 - IEEE Conference on Computer Communications

Pages 310 - 319

https://doi.org/10.1109/INFOCOM48880.2022.9796685

Published: 02 May 2022 Publication History

Abstract

Website fingerprinting (WF) attacks allow an attacker to eavesdrop on the encrypted network traffic between a victim and an anonymous communication system so as to infer the real destination websites visited by a victim. Recently, the deep learning (DL) based WF attacks are proposed to extract high level features by DL algorithms to achieve better performance than that of the traditional WF attacks and defeat the existing defense techniques. To mitigate this issue, we propose a-genetic-programming-based variant cover traffic search technique to generate defense strategies for effectively injecting dummy Tor cells into the raw Tor traffic. We randomly perform mutation operations on labeled original traffic traces by injecting dummy Tor cells into the traces to derive variant cover traffic. A high level feature distance based fitness function is designed to improve the mutation rate to discover successful variant traffic traces that can fool the DL-based WF classifiers. Then the dummy Tor cell injection patterns in the successful variant traces are extracted as defense strategies that can be applied to the Tor traffic. Extensive experiments demonstrate that we can introduce 8.1% of bandwidth overhead to significantly decrease the accuracy rate below 0.4% in the realistic open-world setting.

References

[1]

K. Abe and S. Goto. Fingerprinting attack on Tor anonymity using deep learning. Proceedings of the Asia Pacific Advanced Network (APAN), 42:15–20, 2016.

[2]

A. Abusnaina, R. Jang, A. Khormali, D. Nyang, and D. Mohaisen. DFD: Adversarial Learning-based Approach to Defend Against Website Fingerprinting. In Proceedings of the 39th IEEE International Conference on Computer Communications (INFOCOM), pages 2459–2468, 2020.

[3]

S. Bhat, D. Lu, A. Kwon, and S. Devadas. Var-CNN: A Data-Efficient Website Fingerprinting Attack Based on Deep Learning. Proceedings on Privacy Enhancing Technologies (PET), 2019(4):292–310, 2019.

[4]

X. Cai, R. Nithyanand, and R. Johnson. CS-BuFLO: A Congestion Sensitive Website Fingerprinting Defense. In Proceedings of the Workshop on Privacy in the Electronic Society (WPES), pages 121–130, 2014.

[5]

X. Cai, R. Nithyanand, T. Wang, R. Johnson, and I. Goldberg. A systematic approach to developing and evaluating website fingerprinting defenses. In Proceedings of the ACM Conference on Computer and Communications Security (CCS), pages 227–238, 2014.

[6]

X. Cai, X. C. Zhang, B. Joshi, and R. Johnson. Touching from a Distance: Website Fingerprinting Attacks and Defenses. In Proceedings of the ACM Conference on Computer and Communications Security (CCS), pages 605–616, 2012.

[7]

Z. Cai, Z. Xiong, H. Xu, P. Wang, W. Li, and Y. Pan. Generative Adversarial Networks: A Survey Towards Private and Secure Applications. ACM Computing Surveys, 2022.

[8]

K. P. Dyer, S. E. Coull, T. Ristenpart, and T. Shrimpton. Peek-a-Boo, I still see you: Why efficient traffic analysis countermeasures fail. In Proceedings of the IEEE Symposium on Security and Privacy (S&P), pages 332–346, 2012.

[9]

J. Gong and T. Wang. Zero-delay Lightweight Defenses against Website Fingerprinting. In Proceedings of the USENIX Security Symposium (Security), pages 717–734, 2020.

[10]

I. J. Goodfellow, J. Pouget-Abadie, M. Mirza, B. Xu, D. Warde-Farley, S. Ozair, A. Courville, and Y. Bengio. Generative Adversarial Nets. Advances in neural information processing systems (NeurIPS), 27, 2014.

[11]

J. Hayes and G. Danezis. k-fingerprinting: a Robust Scalable Website Fingerprinting Technique. In Proceedings of the USENIX Security Symposium (Security), pages 1187–1203, 2016.

[12]

D. Herrmann, R. Wendolsky, and H. Federrath. Website fingerprinting: attacking popular privacy enhancing technologies with the multinomial Naive-Bayes classifier. In Proceedings of the ACM Workshop on Cloud Computing Security, pages 31–42, 2009.

[13]

M. Juarez, S. Afroz, G. Acar, C. Diaz, and R. Greenstadt. A critical evaluation of website fingerprinting attacks. In Proceedings of the ACM Conference on Computer and Communications Security (CCS), pages 263–274, 2014.

[14]

M. Juarez, M. Imani, M. Perry, C. Diaz, and M. Wright. Toward an Efficient Website Fingerprinting Defense. In Proceedings of the European Symposium on Research in Computer Security (ESORICS), volume 9878, pages 27–46, 2016.

[15]

B. N. Levine, M. K. Reiter, C. Wang, and M. Wright. Timing Attacks in Low-Latency MIX Systems. In Proceedings of Financial Cryptography (FC), pages 251–265, February 2004.

[16]

Y. Liang, Z. Cai, J. Yu, Q. Han, and Y. Li. Deep Learning Based Inference of Private Information Using Embedded Sensors in Smart Devices. IEEE Network Magazine, 32(4):8–14, 2018.

Digital Library

[17]

Z. Ling, J. Luo, D. Xu, M. Yang, and X. Fu. Novel and Practical SDN-based Traceback Technique for Malicious Traffic over Anonymous Networks. In Proceedings of the 38th IEEE International Conference on Computer Communications (INFOCOM), pages 1180–1188, 2019.

[18]

Z. Ling, J. Luo, W. Yu, X. Fu, D. Xuan, and W. Jia. A New Cell Counting Based Attack Against Tor. In Proceedings of the ACMConference on Computer and Communications Security (CCS), pages 578–589, November 2009.

[19]

Z. Ling, J. Luo, Y. Zhang, M. Yang, X. Fu, and W. Yu. A Novel Network Delay based Side-Channel Attack: Modeling and Defense. In Proceedings of the 31st IEEE International Conference on Computer Communications (INFOCOM), pages 2390–2398, 2012.

[20]

A. Panchenko, F. Lanze, A. Zinnen, M. Henze, J. Pennekamp, K. Wehrle, and T. Engel. Website Fingerprinting at Internet Scale. In Proceedings of the Network Distributed System Security Symposium (NDSS), 2016.

[21]

A. Panchenko, L. Niessen, A. Zinnen, and T. Engel. Website Fingerprinting in Onion Routing based Anonymization Networks. In Proceedings of the ACM Workshop on Privacy in the Electronic Society (WPES), pages 103–114, 2011.

[22]

P. Peng, P. Ning, and D. S. Reeves. On the Secrecy of Timing-based Active Watermarking Trace-back Techniques. In Proceedings of the IEEE Security and Privacy Symposium (S&P), pages 15–349, May 2006.

[23]

M. S. Rahman, M. Imani, N. Mathews, and M. Wright. Mockingbird: Defending Against Deep-LearningBased Website Fingerprinting Attacks With Adversarial Traces. IEEE Transactions on Information Forensics and Security (TIFS), pages 1594–1609, 2020.

[24]

M. S. Rahman, P. Sirinam, N. Mathews, K. G. Gangadhara, and M. Wright. Tik-Tok: The Utility of Packet Timing in Website Fingerprinting Attacks. Proceedings on Privacy Enhancing Technologies (PET), 2020(3):5–24, 2020.

[25]

V. Rimmer, D. Preuveneers, M. Juarez, T. V. Goethem, and W. Joosen. Automated Website Fingerprinting through Deep Learning. In Proceedings of the Network Distributed System Security Symposium (NDSS), 2018.

[26]

O. Russakovsky, J. Deng, H. Su, J. Krause, S. Satheesh, S. Ma, Z. Huang, A. Karpathy, A. Khosla, M. Bernstein, A. C. Berg, and L. Fei-Fei. ImageNet Large Scale Visual Recognition Challenge. International journal of computer vision, 115(3):211–252, 2015.

Digital Library

[27]

S. Shan, A. N. Bhagoji, H. Zheng, and B. Y. Zhao. A Real-time Defense against Website Fingerprinting Attacks. In arXiv preprint arXiv:2102.04291, 2021.

[28]

P. Sirinam, M. Juarez, M. Imani, and M. Wright. Deep Fingerprinting: Undermining Website Fingerprinting Defenses with Deep Learning. In Proceedings of the ACM Conference on Computer and Communications Security (CCS), pages 1928–1943, 2018.

[29]

P. Sirinam, N. Mathews, M. S. Rahman, and M. Wright. Triplet Fingerprinting: More practical and portable website fingerprinting with N-shot learning. In Proceedings of the ACM Conference on Computer and Communications Security (CCS), pages 1131–1148, 2019.

[30]

G. Tian, Z. Duan, T. Baumeister, and Y. Dong. Traceback Attacks on Freenet. IEEE Transactions on Dependable and Secure Computing (TDSC), 14(3):294–307, 2015.

[31]

T. Wang, X. Cai, R. Nithyanand, R. Johnson, and I. Goldberg. Effective Attacks and Provable Defenses for Website Fingerprinting. In Proceedings of the USENIX Security Symposium (Security), pages 143– 157, 2014.

[32]

T. Wang and I. Goldberg. Improved Website Fingerprinting on Tor. In Proceedings of the ACM Workshop on Privacy in the Electronic Society (WPES), pages 201–212, 2013.

[33]

T. Wang and I. Goldberg. Walkie-talkie: An efficient defense against passive website fingerprinting attacks. In Proceedings of the USENIX Security Symposium (Security), pages 1375–1390, 2017.

[34]

M. Yang, J. Luo, Z. Ling, X. Fu, and W. Yu. De-anonymizing and Countermeasures in Anonymous Communication Networks. IEEE Communications Magazine (COMMAG), 53(4):60–66, 2015.

Digital Library

[35]

W. Yu, X. Fu, S. Graham, D. Xuan, and W. Zhao. DSSS-Based Flow Marking Technique for Invisible Traceback. In Proceedings of the 2007 IEEE Symposium on Security and Privacy (S&P), pages 18–32, May 2007.

[36]

Y. Zhu, X. Fu, B. Graham, R. Bettati, and W. Zhao. On Flow Correlation Attacks and Countermeasures in Mix Networks. In Proceedings of Workshop on Privacy Enhancing Technologies (PET), pages 207–225, 2004.

Cited By

Zhou XXiao XLi QZhang BHu GLuo XZhang TQuek TGao DZhou JCardenas A(2024)CapsuleFormer: A Capsule and Transformer combined model for Decentralized Application encrypted traffic classificationProceedings of the 19th ACM Asia Conference on Computer and Communications Security10.1145/3634737.3637664(1418-1429)Online publication date: 1-Jul-2024
https://dl.acm.org/doi/10.1145/3634737.3637664

Index Terms

Towards an Efficient Defense against Deep Learning based Website Fingerprinting

Index terms have been assigned to the content through auto-classification.

Recommendations

Deep Fingerprinting: Undermining Website Fingerprinting Defenses with Deep Learning
CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security

Website fingerprinting enables a local eavesdropper to determine which websites a user is visiting over an encrypted connection. State-of-the-art website fingerprinting attacks have been shown to be effective even against Tor. Recently, lightweight ...
Adversarial Traces for Website Fingerprinting Defense
CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security

Website Fingerprinting (WF) is a traffic analysis attack that enables an eavesdropper to infer the victim's web activity even when encrypted and even when using the Tor anonymity system. Using deep learning classifiers, the attack can reach up to 98% ...
Mockingbird: Defending Against Deep-Learning-Based Website Fingerprinting Attacks With Adversarial Traces
Website Fingerprinting (WF) is a type of traffic analysis attack that enables a local passive eavesdropper to infer the victim’s activity, even when the traffic is protected by a VPN or an anonymity system like Tor. Leveraging a deep-learning ...

Comments

Information & Contributors

Information

Published In

cover image Guide Proceedings

IEEE INFOCOM 2022 - IEEE Conference on Computer Communications

May 2022

2237 pages

Copyright © 2021.

Publisher

IEEE Press

Publication History

Published: 02 May 2022

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 01 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Zhou XXiao XLi QZhang BHu GLuo XZhang TQuek TGao DZhou JCardenas A(2024)CapsuleFormer: A Capsule and Transformer combined model for Decentralized Application encrypted traffic classificationProceedings of the 19th ACM Asia Conference on Computer and Communications Security10.1145/3634737.3637664(1418-1429)Online publication date: 1-Jul-2024
https://dl.acm.org/doi/10.1145/3634737.3637664

View Options

View options

Media

Figures

Other

Tables

View Table of Contents