TG-PSM: Tunable Greedy Packet Sequence Morphing Based on Trace Clustering

by   Farzam Fanitabasi, et al.

Common privacy enhancing technologies fail to effectively hide certain statistical aspects of encrypted traffic, namely individual packets length, packets direction and, packets timing. Recent researches have shown that using such attributes, an adversary is able to extract various information from the encrypted traffic such as the visited website and used protocol. Such attacks are called traffic analysis. Proposed countermeasures attempt to change the distribution of such features. however, either they fail to effectively reduce attacker's accuracy or do so while enforcing high bandwidth overhead and timing delay. In this paper, through the use of a predefined set of clustered traces of websites and a greedy packet morphing algorithm, we introduce a website fingerprinting countermeasure called TG-PSM. Firstly, this method clusters websites based on their behavior in different phases of loading. Secondly, it finds a suitable target site for any visiting website based on user indicated importance degree; thus providing dynamic tunability. Thirdly, this method morphs the given website to the target website using a greedy algorithm considering the distance and the resulted overhead. Our evaluations show that TG-PSM outperforms previous countermeasures regarding attacker accuracy reduction and enforced bandwidth, e.g., reducing bandwidth overhead over 40 while maintaining attacker's accuracy.


page 1

page 2

page 3

page 4


AWA: Adversarial Website Adaptation

One of the most important obligations of privacy-enhancing technologies ...

RegulaTOR: A Powerful Website Fingerprinting Defense

Website Fingerprinting (WF) attacks are used by passive, local attackers...

Tik-Tok: The Utility of Packet Timing in Website Fingerprinting Attacks

A passive local eavesdropper can leverage Website Fingerprinting (WF) to...

Padding Ain't Enough: Assessing the Privacy Guarantees of Encrypted DNS

DNS over TLS (DoT) and DNS over HTTPS (DoH) encrypt DNS to guard user pr...

Padding-only defenses add delay in Tor

Website fingerprinting is an attack that uses size and timing characteri...

On Multi-Session Website Fingerprinting over TLS Handshake

Analyzing users' Internet traffic data and activities has a certain impa...

End-to-End Multi-Tab Website Fingerprinting Attack: A Detection Perspective

Website fingerprinting attack (WFA) aims to deanonymize the website a us...

Please sign up or login with your details

Forgot password? Click here to reset