Adaptive Traffic Fingerprinting: Large-scale Inference under Realistic Assumptions

10/19/2020
by   Vasilios Mavroudis, et al.
0

The widespread adoption of encrypted communications (e.g., the TLS protocol, the Tor anonymity network) fixed several critical security flaws and shielded the end-users from adversaries intercepting their transmitted data. While these protocols are very effective in protecting the confidentiality of the users' data (e.g., credit card numbers), it has been shown that they are prone (to different degrees) to adversaries aiming to breach the users' privacy. Traffic fingerprinting attacks allow an adversary to infer the webpage or the website loaded by a user based only on patterns in the user's encrypted traffic. In fact, many recent works managed to achieve a very high classification accuracy under optimal conditions for the adversary. This paper revisits the optimality assumptions made by those works and discusses various additional parameters that should be considered when evaluating a fingerprinting model. We propose three realistic scenarios simulating non-optimal fingerprinting conditions where various factors could affect the adversary's performance or operation. We then introduce a novel adaptive fingerprinting adversary and experimentally evaluate its accuracy and operation. Our experiments show that adaptive adversaries can reliably uncover the webpage visited by a user among several thousand potential pages, even under considerable distributional shift (e.g., the webpage contents change significantly over time). Such adversaries could infer the products a user browses on shopping websites or log the browsing habits of state dissidents on online forums and encyclopedias. Our technique achieves  90 top-15 setting where the model distinguishes the article visited out of 6,000 Wikipedia webpages, while the same model achieves  80 13,000 classes that were not included in the training set.

READ FULL TEXT

page 1

page 8

research
01/28/2021

Website Fingerprinting on Early QUIC Traffic

Cryptographic protocols have been widely used to protect the user's priv...
research
04/19/2023

Maybenot: A Framework for Traffic Analysis Defenses

End-to-end encryption is a powerful tool for protecting the privacy of I...
research
07/02/2019

Padding Ain't Enough: Assessing the Privacy Guarantees of Encrypted DNS

DNS over TLS (DoT) and DNS over HTTPS (DoH) encrypt DNS to guard user pr...
research
01/06/2023

Watching your call: Breaking VoLTE Privacy in LTE/5G Networks

Voice over LTE (VoLTE) and Voice over NR (VoNR) are two similar technolo...
research
08/28/2018

Adversaries monitoring Tor traffic crossing their jurisdictional border and reconstructing Tor circuits

We model and analyze passive adversaries that monitors Tor traffic cross...
research
12/20/2017

Tracking Cyber Adversaries with Adaptive Indicators of Compromise

A forensics investigation after a breach often uncovers network and host...
research
10/22/2019

Understanding the Effects of Real-World Behavior in Statistical Disclosure Attacks

High-latency anonymous communication systems prevent passive eavesdroppe...

Please sign up or login with your details

Forgot password? Click here to reset