![Page 1: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/1.jpg)
Zero-delay Lightweight Defenses against Website Fingerprinting
Jiajun GONG, Tao Wang
1
![Page 2: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/2.jpg)
Website Fingerprinting
WebsiteTor network
2
![Page 3: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/3.jpg)
Website Fingerprinting (WF)
outgoing incoming Time/volume information
Information leakage
3
fingerprint
Network traffic
WF attackers: ISP, someone under the same network
![Page 4: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/4.jpg)
Website Fingerprinting
• kNN [Wang et al., 2014]
• CUMUL [Panchenko et al., 2016]
• kFP [Jamie Hayes and George Danezis, 2016]
• DF [Sirinam et al., 2018]
3. Predict
> 90% recallThreat to privacy!
4
1. Collect data 2. Train a classifier
![Page 5: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/5.jpg)
Defense
• WTF-PAD [Juarez et al. 2016]
Abnormal time gap
Insert a dummy packet
• Tamaraw [Cai et al. 2014]
delay real packetsInsert dummy packets
Broken by DF!
Too expensive
5
![Page 6: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/6.jpg)
Evaluation of a defense
6
• Privacy
• Overhead:
data overhead =# dummy packets
# real packetscost more bandwidth
time overhead =tnew − told
told
causing delay
Browsing experience
![Page 7: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/7.jpg)
Defense Question: Better defense?
We proposed two zero-delay lightweight defenses:
FRONT and GLUE
7
0% time overhead little data overhead
![Page 8: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/8.jpg)
FRONT• General Idea
Original traffic
Client dummy
Server dummy
Obfuscated traffic
Timeline 8
![Page 9: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/9.jpg)
FRONT
Trace Front
Pr(0 < t ≤ w) = 40 %
Intuition 1: Obfuscating feature-rich trace fronts
Why Rayleigh distribution?
9
Client dummy
Server dummy
How to schedule these dummy packets?
sample
Rayleigh Distribution
![Page 10: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/10.jpg)
FRONT
Sample
timestamps
n
f(t; w) = tw2 e−t2/2w2(t > 0)
10
Random Variable
Random Variable
’
![Page 11: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/11.jpg)
FRONT• Set parameters:
• Sample a number of dummy packets
• Decide the shape of distribution
• Sample n timestamps
N, Wmin, Wmax
n ∝ Uniform(1,N)
w ∝ Uniform(Wmin, Wmax)
Intuition 2: Trace-to-trace randomness
11
![Page 12: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/12.jpg)
Experiment SetupDataset: 100 x 100 + 10000
Monitored non-monitored
Attacker’s goal:
To identify whether the client is visiting a monitored page
and which monitored webpage?
90% training , 10% testing
12
![Page 13: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/13.jpg)
Experiment Result• Compared with WTF-PAD:
~ 33% data overhead, 0% time overhead
F1 s
core
0
0.2
0.4
0.6
0.8
1
kNN CUMUL kFP DF
UndefendedWTF-PADFRONT
Attack
0.94
0.70
0.47
13
F1 =2 ⋅ recall ⋅ precisionrecall + precision
![Page 14: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/14.jpg)
Experiment Result• Compared with Tamaraw:
F1 s
core
0
0.2
0.4
0.6
0.8
1
kNN CUMUL kFP DF
TamarawFRONT
Attack14
over
head
(%)
0
60
120
180
Data overhead Time overhead
049
163
78
~ 5 times
![Page 15: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/15.jpg)
GLUE
Intuition:
difficulty of solving split problem [Juarez et al. 2014, Wang et al. 2016]
15
Load 1
Load 2
timeline
Load 1
Load 2
timeline
![Page 16: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/16.jpg)
GLUE
Load 1 Trace 2 Trace 3
Timeline
Glue trace1 Glue trace 2 Tail
dmax
Load 1Trace 1
Add FRONT noiseSplit SplitSplit
16
![Page 17: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/17.jpg)
GLUE
Load 1 Trace 2 Trace 3
Timeline
Glue trace1 Glue trace 2 Tail
dmax
Trace 1
• Cover the first loading with FRONT
• “Glue” all the visits with glue traces
fake loading, obtained by storing the history of some webpages
loaded before
• Maximum duration of a glue trace: dmax ∝ Uniform(tmin, tmax)
ℓ − trace
17
![Page 18: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/18.jpg)
EvaluationScenario 1: knowing ℓ
• Randomly generated 618 ~ 4500 -traces ( =2~16)
• Undefended dataset:
82% ~ 96% recall and precision (92% split accuracy)
• GLUE dataset:
4% ~ 54% recall and 4% ~ 20% precision
ℓ ℓ
18
![Page 19: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/19.jpg)
EvaluationScenario 1: without knowing (more realistic)ℓ
• Undefended dataset:
45% ~ 75% recall and 41% ~ 77% precision
• GLUE dataset:
3% ~ 46% recall and 1% ~ 16% precision
19
![Page 20: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/20.jpg)
Overhead of GLUE• Time overhead 0%.
• Suppose:
• mean dwell time , mean duration of tail dG dL
22-44% data overhead
20
![Page 21: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/21.jpg)
Summary
• Proposed two lightweight zero-delay defenses:
• FRONT injects dummy packets in a traditional way
Obfuscating the trace fronts
Trace-to-trace randomness
• GLUE explores a new direction for designing a defense
Forces the attacker to solve the split problem
21
![Page 22: Zero-delay Lightweight Defenses against Website Fingerprinting · Website Fingerprinting • kNN [Wang et al., 2014] • CUMUL [Panchenko et al., 2016] • kFP [Jamie Hayes and George](https://reader036.vdocument.in/reader036/viewer/2022071112/5fe7ed4600127e4ed23eef23/html5/thumbnails/22.jpg)
Thanks for listening!
• Source code
https://github.com/websitefingerprinting/WebsiteFingerprinting/
• Contact info:
22