Projects per year
Abstract
Website Fingerprinting (WF) allows a passive network adversary to learn the websites that a client visits by analyzing traffic patterns that are unique to each website. It has been recently shown that these attacks are particularly effective against .onion sites, anonymous web servers hosted within the Tor network. Given the sensitive nature of the content of these services, the implications of WF on the Tor network are alarming. Prior work has only considered defenses at the client-side arguing that web servers lack of incentives to adopt countermeasures. Furthermore, most of these defenses have been designed to operate on the stream of network packets, making practical deployment difficult. In this paper, we propose two application-level defenses including the first server-side defense against WF, as .onion services have incentives to support it. The other defense is a lightweight client-side defense implemented as a browser add-on, improving ease of deployment over previous approaches. In our evaluations, the server-side defense is able to reduce WF accuracy on Tor .onion sites from 69.6% to 10% and the client-side defense reduces accuracy from 64% to 31.5%.
Original language | English |
---|---|
Pages (from-to) | 186-203 |
Number of pages | 18 |
Journal | Proceedings on Privacy Enhancing Technologies |
Volume | 2017 |
Issue number | 2 |
Early online date | 4 Apr 2017 |
DOIs | |
Publication status | Published - 2017 |
Keywords
- privacy
- anonymity
- website fingerprinting
Projects
- 1 Finished
-
Centre for Doctoral Training in Cyber Security
Cid, C. (PI), Crampton, J. (CoI), Martin, K. M. (CoI) & Paterson, K. (CoI)
Eng & Phys Sci Res Council EPSRC
1/04/13 → 31/12/19
Project: Research