Adv-DWF: Defending Against Deep-Learning-Based Website Fingerprinting Attacks with Adversarial Traces

by   Mohsen Imani, et al.

Website Fingerprinting (WF) is a type of traffic analysis attack that enables a local passive eavesdropper to infer the victim's activity even when the traffic is protected by encryption, a VPN, or some other anonymity system like Tor. Leveraging a deep-learning classifier, a WF attacker can gain up to 98 accuracy against Tor. Existing WF defenses are either too expensive in terms of bandwidth and latency overheads (e.g. 2-3 times as large or slow) or ineffective against the latest attacks. In this paper, we explore a novel defense, Adv-DWF, based on the idea of adversarial examples that have been shown to undermine machine learning classifiers in other domains. Our Adv-DWF defense adds padding to a traffic trace in a manner that fools the classifier into classifying it as coming from a different site. The technique drops the accuracy of the state-of-the-art attack augmented with adversarial training from 98 of the cases, the state-of-the-art attack's accuracies of our defense are at least 45 Walkie-Talkie (W-T), respectively. The Top-2 accuracy of our defense is at best 56.9 bandwidth overheads of our defense are at least 8 and W-T, respectively, showing its promise as a possible defense for Tor.


page 1

page 2

page 3

page 4


A Real-time Defense against Website Fingerprinting Attacks

Anonymity systems like Tor are vulnerable to Website Fingerprinting (WF)...

AWA: Adversarial Website Adaptation

One of the most important obligations of privacy-enhancing technologies ...

Membership Inference Attacks and Defenses in Supervised Learning via Generalization Gap

This work studies membership inference (MI) attack against classifiers, ...

GanDef: A GAN based Adversarial Training Defense for Neural Network Classifier

Machine learning models, especially neural network (NN) classifiers, are...

Leaked-Web: Accurate and Efficient Machine Learning-Based Website Fingerprinting Attack through Hardware Performance Counters

Users' website browsing history contains sensitive information, like hea...

Towards Effective and Efficient Padding Machines for Tor

Tor recently integrated a circuit padding framework for creating padding...

Few-Shot Website Fingerprinting Attack

This work introduces a novel data augmentation method for few-shot websi...