Website Fingerprinting Defenses at the Application Layer. / Cherubin, Giovanni; Hayes, Jamie; Juarez, Marc.

In: Proceedings on Privacy Enhancing Technologies, Vol. 2017, No. 2, 2017, p. 186-203.

Research output: Contribution to journalArticlepeer-review

Published

Standard

Website Fingerprinting Defenses at the Application Layer. / Cherubin, Giovanni; Hayes, Jamie; Juarez, Marc.

In: Proceedings on Privacy Enhancing Technologies, Vol. 2017, No. 2, 2017, p. 186-203.

Research output: Contribution to journalArticlepeer-review

Harvard

Cherubin, G, Hayes, J & Juarez, M 2017, 'Website Fingerprinting Defenses at the Application Layer', Proceedings on Privacy Enhancing Technologies, vol. 2017, no. 2, pp. 186-203. https://doi.org/10.1515/popets-2017-0023

APA

Cherubin, G., Hayes, J., & Juarez, M. (2017). Website Fingerprinting Defenses at the Application Layer. Proceedings on Privacy Enhancing Technologies, 2017(2), 186-203. https://doi.org/10.1515/popets-2017-0023

Vancouver

Cherubin G, Hayes J, Juarez M. Website Fingerprinting Defenses at the Application Layer. Proceedings on Privacy Enhancing Technologies. 2017;2017(2):186-203. https://doi.org/10.1515/popets-2017-0023

Author

Cherubin, Giovanni ; Hayes, Jamie ; Juarez, Marc. / Website Fingerprinting Defenses at the Application Layer. In: Proceedings on Privacy Enhancing Technologies. 2017 ; Vol. 2017, No. 2. pp. 186-203.

BibTeX

@article{a48933e93f344e69884b7ba5919355b8,
title = "Website Fingerprinting Defenses at the Application Layer",
abstract = "Website Fingerprinting (WF) allows a passive network adversary to learn the websites that a client visits by analyzing traffic patterns that are unique to each website. It has been recently shown that these attacks are particularly effective against .onion sites, anonymous web servers hosted within the Tor network. Given the sensitive nature of the content of these services, the implications of WF on the Tor network are alarming. Prior work has only considered defenses at the client-side arguing that web servers lack of incentives to adopt countermeasures. Furthermore, most of these defenses have been designed to operate on the stream of network packets, making practical deployment difficult. In this paper, we propose two application-level defenses including the first server-side defense against WF, as .onion services have incentives to support it. The other defense is a lightweight client-side defense implemented as a browser add-on, improving ease of deployment over previous approaches. In our evaluations, the server-side defense is able to reduce WF accuracy on Tor .onion sites from 69.6% to 10% and the client-side defense reduces accuracy from 64% to 31.5%.",
keywords = "privacy , anonymity, website fingerprinting",
author = "Giovanni Cherubin and Jamie Hayes and Marc Juarez",
year = "2017",
doi = "10.1515/popets-2017-0023",
language = "English",
volume = "2017",
pages = "186--203",
journal = "Proceedings on Privacy Enhancing Technologies",
issn = "2299-0984",
publisher = "de Gruyter",
number = "2",

}

RIS

TY - JOUR

T1 - Website Fingerprinting Defenses at the Application Layer

AU - Cherubin, Giovanni

AU - Hayes, Jamie

AU - Juarez, Marc

PY - 2017

Y1 - 2017

N2 - Website Fingerprinting (WF) allows a passive network adversary to learn the websites that a client visits by analyzing traffic patterns that are unique to each website. It has been recently shown that these attacks are particularly effective against .onion sites, anonymous web servers hosted within the Tor network. Given the sensitive nature of the content of these services, the implications of WF on the Tor network are alarming. Prior work has only considered defenses at the client-side arguing that web servers lack of incentives to adopt countermeasures. Furthermore, most of these defenses have been designed to operate on the stream of network packets, making practical deployment difficult. In this paper, we propose two application-level defenses including the first server-side defense against WF, as .onion services have incentives to support it. The other defense is a lightweight client-side defense implemented as a browser add-on, improving ease of deployment over previous approaches. In our evaluations, the server-side defense is able to reduce WF accuracy on Tor .onion sites from 69.6% to 10% and the client-side defense reduces accuracy from 64% to 31.5%.

AB - Website Fingerprinting (WF) allows a passive network adversary to learn the websites that a client visits by analyzing traffic patterns that are unique to each website. It has been recently shown that these attacks are particularly effective against .onion sites, anonymous web servers hosted within the Tor network. Given the sensitive nature of the content of these services, the implications of WF on the Tor network are alarming. Prior work has only considered defenses at the client-side arguing that web servers lack of incentives to adopt countermeasures. Furthermore, most of these defenses have been designed to operate on the stream of network packets, making practical deployment difficult. In this paper, we propose two application-level defenses including the first server-side defense against WF, as .onion services have incentives to support it. The other defense is a lightweight client-side defense implemented as a browser add-on, improving ease of deployment over previous approaches. In our evaluations, the server-side defense is able to reduce WF accuracy on Tor .onion sites from 69.6% to 10% and the client-side defense reduces accuracy from 64% to 31.5%.

KW - privacy

KW - anonymity

KW - website fingerprinting

U2 - 10.1515/popets-2017-0023

DO - 10.1515/popets-2017-0023

M3 - Article

VL - 2017

SP - 186

EP - 203

JO - Proceedings on Privacy Enhancing Technologies

JF - Proceedings on Privacy Enhancing Technologies

SN - 2299-0984

IS - 2

ER -