Fingerprintability of WebRTC
David Fifield, Mia Gil Epner
TL;DR
This paper investigates how WebRTC's implementation differences can be used to fingerprint and potentially identify circumvention tools, highlighting challenges in resisting such fingerprinting.
Contribution
It provides a detailed analysis of WebRTC implementation variations and quantifies their prevalence and diversity in real network traffic.
Findings
WebRTC implementations exhibit identifiable differences.
Fingerprinting WebRTC is feasible and prevalent.
Resisting WebRTC fingerprinting is challenging.
Abstract
We examine WebRTC's suitability as a means of Internet censorship circumvention. WebRTC is a framework and suite of protocols for peer-to-peer communication between web browsers. We analyze the implementation differences in instantiations of WebRTC that make it possible to "fingerprint" implementations--potentially distinguishing circumvention-related uses from ordinary ones. This question is relevant to Snowflake, an upcoming circumvention system that uses WebRTC to turn web browsers into temporary peer-to-peer proxies. We conduct a manual analysis of WebRTC-using applications in order to map the space of distinguishing implementation features. We run a fingerprinting script on a day's worth of network traffic in order to quantify WebRTC's prevalence and diversity. Throughout, we find pitfalls that indicate that resisting fingerprinting in WebRTC is likely to be non-trivial.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsInternet Traffic Analysis and Secure E-voting · Network Security and Intrusion Detection · Advanced Malware Detection Techniques