Adaptive Traffic Fingerprinting: Large-scale Inference under Realistic Assumptions

10/19/2020
by   Vasilios Mavroudis, et al.
0

The widespread adoption of encrypted communications (e.g., the TLS protocol, the Tor anonymity network) fixed several critical security flaws and shielded the end-users from adversaries intercepting their transmitted data. While these protocols are very effective in protecting the confidentiality of the users' data (e.g., credit card numbers), it has been shown that they are prone (to different degrees) to adversaries aiming to breach the users' privacy. Traffic fingerprinting attacks allow an adversary to infer the webpage or the website loaded by a user based only on patterns in the user's encrypted traffic. In fact, many recent works managed to achieve a very high classification accuracy under optimal conditions for the adversary. This paper revisits the optimality assumptions made by those works and discusses various additional parameters that should be considered when evaluating a fingerprinting model. We propose three realistic scenarios simulating non-optimal fingerprinting conditions where various factors could affect the adversary's performance or operation. We then introduce a novel adaptive fingerprinting adversary and experimentally evaluate its accuracy and operation. Our experiments show that adaptive adversaries can reliably uncover the webpage visited by a user among several thousand potential pages, even under considerable distributional shift (e.g., the webpage contents change significantly over time). Such adversaries could infer the products a user browses on shopping websites or log the browsing habits of state dissidents on online forums and encyclopedias. Our technique achieves  90 top-15 setting where the model distinguishes the article visited out of 6,000 Wikipedia webpages, while the same model achieves  80 13,000 classes that were not included in the training set.

READ FULL TEXT
POST COMMENT

Comments

There are no comments yet.

Authors

page 1

page 8

01/28/2021

Website Fingerprinting on Early QUIC Traffic

Cryptographic protocols have been widely used to protect the user's priv...
07/02/2019

Padding Ain't Enough: Assessing the Privacy Guarantees of Encrypted DNS

DNS over TLS (DoT) and DNS over HTTPS (DoH) encrypt DNS to guard user pr...
08/28/2018

Adversaries monitoring Tor traffic crossing their jurisdictional border and reconstructing Tor circuits

We model and analyze passive adversaries that monitors Tor traffic cross...
02/16/2021

Smoothed Analysis with Adaptive Adversaries

We prove novel algorithmic guarantees for several online problems in the...
10/22/2019

Understanding the Effects of Real-World Behavior in Statistical Disclosure Attacks

High-latency anonymous communication systems prevent passive eavesdroppe...
04/23/2021

Predicting Adversary Lateral Movement Patterns with Deep Learning

This paper develops a predictive model for which host, in an enterprise ...
12/20/2017

Tracking Cyber Adversaries with Adaptive Indicators of Compromise

A forensics investigation after a breach often uncovers network and host...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.