Measuring Information Leakage in Website Fingerprinting Attacks and Defenses
Shuai Li, Huajun Guo, Nicholas Hopper
TL;DR
This paper develops a methodology and tools to measure the amount of information leaked by website fingerprinting attacks and defenses in the Tor network, enabling detailed analysis of vulnerabilities and protection mechanisms.
Contribution
It introduces a novel measurement approach and tools for quantifying information leakage in website fingerprinting, applied across various features and defenses.
Findings
Quantifies information leakage in WF attacks
Analyzes effectiveness of different defenses
Provides detailed insights into leakage mechanisms
Abstract
Tor provides low-latency anonymous and uncensored network access against a local or network adversary. Due to the design choice to minimize traffic overhead (and increase the pool of potential users) Tor allows some information about the client's connections to leak. Attacks using (features extracted from) this information to infer the website a user visits are called Website Fingerprinting (WF) attacks. We develop a methodology and tools to measure the amount of leaked information about a website. We apply this tool to a comprehensive set of features extracted from a large set of websites and WF defense mechanisms, allowing us to make more fine-grained observations about WF attacks and defenses.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsInternet Traffic Analysis and Secure E-voting · Network Security and Intrusion Detection · Spam and Phishing Detection