Statistical Privacy for Streaming Traffic

@article{Zhang2019StatisticalPF,
  title={Statistical Privacy for Streaming Traffic},
  author={Xiaokuan Zhang and Jihun Hamm and Michael K. Reiter and Yinqian Zhang},
  journal={Proceedings 2019 Network and Distributed System Security Symposium},
  year={2019}
}
Machine learning empowers traffic-analysis attacks that breach users’ privacy from their encrypted traffic. Recent advances in deep learning drastically escalate such threats. One prominent example demonstrated recently is a traffic-analysis attack against video streaming by using convolutional neural networks. In this paper, we explore the adaption of techniques previously used in the domains of adversarial machine learning and differential privacy to mitigate the machine-learning-powered… 
Defeating DNN-Based Traffic Analysis Systems in Real-Time With Blind Adversarial Perturbations
TLDR
A Tor pluggable transport is implemented that applies adversarial perturbations on live Tor connections to defeat DNN-based website fingerprinting and flow correlation techniques, the two most-studied types of traffic analysis.
AdvTraffic: Obfuscating Encrypted Traffic with Adversarial Examples
TLDR
The experimental results show that the integration of AdvTraffic, particularly with Generative Adversarial Networks, can effectively mitigate the accuracy of website fingerprinting from 95.0% to 10.2%, even if an attacker retrains a classifier with defended traffic.
Fingerprinting encrypted voice traffic on smart speakers with deep learning
TLDR
This paper built an automatic voice traffic collection tool and collected two large-scale datasets on two smart speakers, Amazon Echo and Google Home, and implemented proof-of-concept attacks by leveraging deep learning, which indicate disturbing privacy concerns.
AWA: Adversarial Website Adaptation
TLDR
This paper proposes a new defense against website fingerprinting attack using adversarial deep learning approaches called Adversarial Website Adaptation (AWA), which creates a transformer set in each run so that each website has a unique transformer to evade the adversary’s classifier.
MemGuard: Defending against Black-Box Membership Inference Attacks via Adversarial Examples
TLDR
This work proposes MemGuard, the first defense with formal utility-loss guarantees against black-box membership inference attacks and is the first one to show that adversarial examples can be used as defensive mechanisms to defend against membership inference attack.
Blind Adversarial Network Perturbations
TLDR
For the first time, it is shown that an adversary can defeat DNN-based traffic analysis techniques by applying adversarial perturbations on the patterns of network traffic.
Realtime Robust Malicious Traffic Detection via Frequency Domain Analysis
TLDR
This work proposes Whisper, a realtime ML based malicious traffic detection system that achieves both high accuracy and high throughput by utilizing frequency domain features, and is robust against various evasion attacks.
Efficient yet Robust Privacy Preservation for MPEG-DASH-Based Video Streaming
TLDR
This paper proposes a novel defense strategy against the attacks with rigorous privacy and performance goals creating a private, scalable solution.
Shuffling the Cards: An Information-Theoretic Defense Against Side Channel Attacks
  • Computer Science, Mathematics
  • 2021
TLDR
This work proposes a novel defense against a broad class of side-channel attacks which bounds the information leaked in a side channel, allowing the defense to provably mitigate leakage, regardless of how the adversary processes their sidechannel observations.
Watching the Watchers: Practical Video Identification Attack in LTE Networks
TLDR
This paper presents the first study of a video identification attack in Long Term Evolution (LTE) networks and proves that this high level of accuracy stems from overcoming the unique challenges related to the operational logic of LTE networks and video streaming systems.

References

SHOWING 1-10 OF 76 REFERENCES
MACHINE VS MACHINE: MINIMAX-OPTIMAL DEFENSE AGAINST ADVERSARIAL EXAMPLES
TLDR
It is demonstrated that the defense found by numerical minimax optimization is indeed more robust than non-minimax defenses, and directions for improving the result toward achieving robustness against multiple types of attack classes are discussed.
Deep Fingerprinting: Undermining Website Fingerprinting Defenses with Deep Learning
TLDR
Deep Fingerprinting is presented, a new website fingerprinting attack against Tor that leverages a type of deep learning called Convolutional Neural Networks with a sophisticated architecture design and is the only attack that is effective against WTF-PAD with over 90% accuracy.
The Limitations of Deep Learning in Adversarial Settings
TLDR
This work formalizes the space of adversaries against deep neural networks (DNNs) and introduces a novel class of algorithms to craft adversarial samples based on a precise understanding of the mapping between inputs and outputs of DNNs.
Towards Evaluating the Robustness of Neural Networks
TLDR
It is demonstrated that defensive distillation does not significantly increase the robustness of neural networks, and three new attack algorithms are introduced that are successful on both distilled and undistilled neural networks with 100% probability.
Toward an Efficient Website Fingerprinting Defense
TLDR
This paper proposes a novel, lightweight defense based on Adaptive Padding that provides a sufficient level of security against website fingerprinting, particularly in realistic evaluation conditions.
Effective Attacks and Provable Defenses for Website Fingerprinting
TLDR
This paper shows how simulatable, deterministic defenses can be provably private, and shows that bandwidth overhead optimality can be achieved for these defenses by using a supersequence over anonymity sets of packet sequences.
Walkie-Talkie: An Efficient Defense Against Passive Website Fingerprinting Attacks
TLDR
Walkie-Talkie is proposed, an effective and efficient WF defense that cannot be defeated by any website fingerprinting attack, even hypothetical advanced attacks that use site link information, page visit rates, and intercell timing.
Website fingerprinting in onion routing based anonymization networks
TLDR
It is shown that anonymity in Tor and JAP is not as strong as expected so far and cannot resist website fingerprinting attacks under certain circumstances, and this work is the first successful attack in the open-world scenario.
HTTPOS: Sealing Information Leaks with Browser-side Obfuscation of Encrypted Flows
TLDR
Extensive evaluation of HTTPOS on live web traffic shows that it can successfully prevent the state-of-the-art attacks from inferring private information from encrypted HTTP flows and offer much better scalability and flexibility.
Adversarial Image Perturbation for Privacy Protection A Game Theory Perspective
TLDR
A general game theoretical framework for the user-recogniser dynamics is introduced, and the optimal strategy for the users that assures an upper bound on the recognition rate independent of the recogniser’s counter measure is derived.