Towards Effective and Efficient Padding Machines for Tor

TL;DR

This paper introduces Interspace, a novel probabilistically-defined padding machine for Tor that improves defense against website fingerprinting attacks by balancing effectiveness and efficiency, outperforming previous padding methods.

Contribution

The paper presents Interspace, a new padding machine that leverages probabilistic design to enhance Tor's defenses against traffic analysis, demonstrating superior performance over existing solutions.

Findings

Interspace outperforms WTF-PAD in effectiveness and efficiency.

Probabilistic padding machines are promising for complex defenses.

Manual tuning and genetic programming aid in designing effective padding machines.

Abstract

Tor recently integrated a circuit padding framework for creating padding machines: defenses that work by defining state machines that inject dummy traffic to protect against traffic analysis attacks like Website Fingerprinting (WF) attacks. In this paper, we explore the design of effective and efficient padding machines to defend against WF attacks. Through the use of carefully crafted datasets, a circuit padding simulator, genetic programming, and manual tuning of padding machines we explore different aspects of what makes padding machines effective and efficient defenses. Our final machine, named Interspace, is probabilistically-defined with a tweakable trade-off between efficiency and effectiveness against the state-of-the-art deep-learning WF attack Deep Fingerprinting by Sirinam et al. We show that Interspace can be both more effective and efficient than WTF-PAD by Juarez et al. the padding machine that inspired the design of Tor's circuit padding framework. We end this paper by showing how Interspace can be made less effective, identifying the promising tactic of probabilistically defined padding machines, and highlighting the need to further explore this tactic in more complex defenses.