• Corpus ID: 224803775

Adaptive Traffic Fingerprinting: Large-scale Inference under Realistic Assumptions

  title={Adaptive Traffic Fingerprinting: Large-scale Inference under Realistic Assumptions},
  author={Vasilios Mavroudis and Jamie Hayes},
The widespread adoption of encrypted communications (e.g., the TLS protocol, the Tor anonymity network) fixed several critical security flaws and shielded the end-users from adversaries intercepting their transmitted data. While these protocols are very effective in protecting the confidentiality of the users' data (e.g., credit card numbers), it has been shown that they are prone (to different degrees) to adversaries aiming to breach the users' privacy. Traffic fingerprinting attacks allow an… 

Figures and Tables from this paper



Website Fingerprinting at Internet Scale

This paper presents a novel website fingerprinting attack that outperforms all state-of-the-art methods in terms of classification accuracy while being computationally dramatically more efficient and shows that no existing method scales when applied in realistic settings.

Effective Attacks and Provable Defenses for Website Fingerprinting

This paper shows how simulatable, deterministic defenses can be provably private, and shows that bandwidth overhead optimality can be achieved for these defenses by using a supersequence over anonymity sets of packet sequences.

Analyzing HTTPS encrypted traffic to identify user's operating system, browser and application

It is shown that an external attacker can identify the operating system, browser and application of HTTP encrypted traffic (HTTPS) to the best of the knowledge, this is the first work that shows this.

Identifying Website Users by TLS Traffic Analysis: New Attacks and Effective Countermeasures

This work proposes a novel length-hiding scheme that leverages standard TLS padding to enforce website-specific privacy policies and proposes the first countermeasure that is standards-based, provably secure, and experimentally effective, yet pragmatic.

A Critical Evaluation of Website Fingerprinting Attacks

It is shown that certain variables, for example, user's browsing habits, differences in location and version of Tor Browser Bundle, that are usually omitted from the current WF model have a significant impact on the efficacy of the attack.

An Active De-anonymizing Attack Against Tor Web Traffic

A novel active website fingerprinting attack by identifying and delaying the HTTP requests at the first hop Tor node and two algorithms based on statistical analysis and objective function optimization are proposed to construct a general packet delay scheme.

Privacy Vulnerabilities in Encrypted HTTP Streams

A straightforward traffic analysis attack against encrypted HTTP streams that is surprisingly effective in identifying the source of the traffic and proposes some countermeasures and improvements.

k-fingerprinting: A Robust Scalable Website Fingerprinting Technique

The technique, k-fingerprinting, performs better than current state-of-the-art attacks even against website fingerprinting defenses, and it is shown that it is possible to launch aWebsite fingerprinting attack in the face of a large amount of noisy data.

Markov chain fingerprinting to classify encrypted traffic

Stochastic fingerprints for application traffic flows conveyed in Secure Socket Layer/Transport Layer Security sessions are proposed based on first-order homogeneous Markov chains for which the parameters from observed training application traces result in a very good accuracy of application discrimination and a possibility of detecting abnormal SSL/TLS sessions.

Triplet Fingerprinting: More Practical and Portable Website Fingerprinting with N-shot Learning

A new WF attack called Triplet Fingerprinting (TF) is proposed that uses triplet networks for N-shot learning to reduce the effort of gathering and training with a large WF dataset as well as mitigate the adverse effects of dealing with different network conditions.