The nature of statistical learning theory
The nature of statistical learning theory
A guided tour to approximate string matching
ACM Computing Surveys (CSUR)
Statistical Identification of Encrypted Web Browsing Traffic
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
HMM profiles for network traffic classification
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Inferring the source of encrypted HTTP connections
Proceedings of the 13th ACM conference on Computer and communications security
Not quite the average: An empirical study of Web use
ACM Transactions on the Web (TWEB)
Proceedings of the 2009 ACM workshop on Cloud computing security
Fingerprinting websites using traffic analysis
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Fingerprinting websites using remote traffic analysis
Proceedings of the 17th ACM conference on Computer and communications security
Website fingerprinting and identification using ordered feature sequences
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Inferring users' online activities through traffic analysis
Proceedings of the fourth ACM conference on Wireless network security
Phonotactic Reconstruction of Encrypted VoIP Conversations: Hookt on Fon-iks
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
Website fingerprinting in onion routing based anonymization networks
Proceedings of the 10th annual ACM workshop on Privacy in the electronic society
Fingerprinting attack on the tor anonymity system
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
Privacy vulnerabilities in encrypted HTTP streams
PET'05 Proceedings of the 5th international conference on Privacy Enhancing Technologies
Attacking Anonymous Web Browsing at Local Area Networks Through Browsing Dynamics
The Computer Journal
Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
POSTER: PnP: improving web browsing performance over tor using web resource prefetch-and-push
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Users get routed: traffic correlation on tor by realistic adversaries
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Improved website fingerprinting on Tor
Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society
ScrambleSuit: a polymorphic network protocol to circumvent censorship
Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society
Hi-index | 0.00 |
We present a novel web page fingerprinting attack that is able to defeat several recently proposed defenses against traffic analysis attacks, including the application-level defenses HTTPOS and randomized pipelining over Tor. Regardless of the defense scheme, our attack was able to guess which of 100 web pages a victim was visiting at least 50% of the time and, with some defenses, over 90% of the time. Our attack is based on a simple model of network behavior and out-performs previously proposed ad hoc attacks. We then build a web site fingerprinting attack that is able to identify whether a victim is visiting a particular web site with over 90% accuracy in our experiments. Our results strongly suggest that ad hoc defenses against traffic analysis are not likely to succeed. Consequently, we describe a defense scheme that provides provable security properties, albeit with potentially higher overheads.