Preprint
New Approaches to Website Fingerprinting Defenses
ArXiv.org
01/23/2014
DOI: 10.48550/arXiv.1401.6022
Abstract
Website fingerprinting attacks enable an adversary to infer which website a
victim is visiting, even if the victim uses an encrypting proxy, such as Tor.
Previous work has shown that all proposed defenses against website
fingerprinting attacks are ineffective.
This paper advances the study of website fingerprinting attacks and defenses
in two ways. First, we develop bounds on the trade-off between security and
bandwidth overhead that any fingerprinting defense scheme can achieve. This
enables us to compare schemes with different security/overhead trade-offs by
comparing how close they are to the lower bound. We then refine, implement, and
evaluate the Congestion Sensitive BuFLO scheme outlined by Cai, et al.
CS-BuFLO, which is based on the provably-secure BuFLO defense proposed by Dyer,
et al., was not fully-specified by Cai, et al, but has nonetheless attracted
the attention of the Tor developers. Our experiments find that CS-BuFLO has
high overhead (around 2.3-2.8x) but can get 6x closer to the bandwidth/security
trade-off lower bound than Tor or plain SSH.
Details
- Title: Subtitle
- New Approaches to Website Fingerprinting Defenses
- Creators
- Xiang CaiRishab NithyanandRob Johnson
- Resource Type
- Preprint
- Publication Details
- ArXiv.org
- DOI
- 10.48550/arXiv.1401.6022
- ISSN
- 2331-8422
- Language
- English
- Date posted
- 01/23/2014
- Academic Unit
- Center for Social Science Innovation; Computer Science; Public Policy Center (Archive)
- Record Identifier
- 9984285644302771
Metrics
29 Record Views