Website Fingerprinting on Early QUIC Traffic

by   Pengwei Zhan, et al.

Cryptographic protocols have been widely used to protect the user's privacy and avoid exposing private information. QUIC (Quick UDP Internet Connections), as an alternative to traditional HTTP, demonstrates its unique transmission characteristics: based on UDP for encrypted resource transmission, accelerating web page rendering. However, existing encrypted transmission schemes based on TCP are vulnerable to website fingerprinting (WFP) attacks, allowing adversaries to infer the users' visited websites by eavesdropping on the transmission channel. Whether QUIC protocol can effectively resisting to such attacks is worth investigating. In this work, we demonstrated the extreme vulnerability of QUIC under WFP attacks by comparing attack results under well-designed conditions. We also study the transferability of features, which enable the adversary to use proven effective features on a special protocol attacking a new protocol. This study shows that QUIC is more vulnerable to WFP attacks than HTTPS in the early traffic scenario but is similar in the normal scenario. The maximum attack accuracy on QUIC is 56.8 HTTPS utilizing Simple features and Transfer features. The insecurity characteristic of QUIC explains the dramatic gap. We also find that features are transferable between protocols, and the feature importance is partially inherited on normal traffic due to the relatively fixed browser rendering sequence and the similar request-response model of protocols. However, the transferability is inefficient when on early traffic, as QUIC and HTTPS show significantly different vulnerability when considering early traffic. We also show that attack accuracy on QUIC could reach 95.4 just using simple features, whereas only 60.7



There are no comments yet.


page 1

page 2

page 3

page 4


Adaptive Traffic Fingerprinting: Large-scale Inference under Realistic Assumptions

The widespread adoption of encrypted communications (e.g., the TLS proto...

Encrypted DNS --> Privacy? A Traffic Analysis Perspective

Virtually every connection to an Internet service is preceded by a DNS l...

TG-PSM: Tunable Greedy Packet Sequence Morphing Based on Trace Clustering

Common privacy enhancing technologies fail to effectively hide certain s...

DeepHTTP: Semantics-Structure Model with Attention for Anomalous HTTP Traffic Detection and Pattern Mining

In the Internet age, cyber-attacks occur frequently with complex types. ...

Padding Ain't Enough: Assessing the Privacy Guarantees of Encrypted DNS

DNS over TLS (DoT) and DNS over HTTPS (DoH) encrypt DNS to guard user pr...

Let Your Camera See for You: A Novel Two-Factor Authentication Method against Real-Time Phishing Attacks

Today, two-factor authentication (2FA) is a widely implemented mechanism...

Measuring the Performance of Encrypted DNS Protocols from Broadband Access Networks

Until recently, DNS traffic was unencrypted, leaving users vulnerable to...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.