2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS) (2018)
Jul 2, 2018 to Jul 6, 2018
Website fingerprinting attacks attempt to identify the website visited in anonymized and encrypted network traffic, that is, even if a user is using Tor and HTTPS. These attacks have been shown to be effective. Mitigations have been proposed which decreased the accuracy of the attacks from about 90% to about 20%. We propose a new mitigation technique based on traffic morphing and clustering. The intuition is that a lot of websites, by nature, are similar and can be clustered together. It is then easier and more efficient to make that whole cluster look exactly the same by using traffic morphing, rather than adding noise to make all websites look similar. All the websites in a cluster, thus, would become indistinguishable. There are many ways to perform traffic morphing. As a proof of concept, we used biggest, which means that all websites in a cluster will look exactly like the biggest website (in terms of network packet size) of that cluster. In simulating our proposed approach, the fingerprinting accuracy dropped from 70% to less than 1%.
computer network security, cryptography, telecommunication traffic, Web sites
E. Chan-Tin, T. Kim and J. Kim, "Website Fingerprinting Attack Mitigation Using Traffic Morphing," 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS), Vienna, Austria, 2018, pp. 1575-1578.