Research Article
Efficient, Effective, and Realistic Website Fingerprinting Mitigation
@ARTICLE{10.4108/eai.29-1-2019.161977, author={Weiqi Cui and Jiangmin Yu and Yanmin Gong and Eric Chan-Tin}, title={Efficient, Effective, and Realistic Website Fingerprinting Mitigation}, journal={EAI Endorsed Transactions on Security and Safety}, volume={6}, number={20}, publisher={EAI}, journal_a={SESA}, year={2019}, month={4}, keywords={Privacy, Noise, Website Fingerprinting, Cover Traffic}, doi={10.4108/eai.29-1-2019.161977} }- Weiqi Cui
Jiangmin Yu
Yanmin Gong
Eric Chan-Tin
Year: 2019
Efficient, Effective, and Realistic Website Fingerprinting Mitigation
SESA
EAI
DOI: 10.4108/eai.29-1-2019.161977
Abstract
Website fingerprinting attacks have been shown to be able to predict the website visited even if the network connection is encrypted and anonymized. These attacks have achieved accuracies as high as 92%. Mitigations to these attacks are using cover/decoy network traffic to add noise, padding to ensure all the network packets are the same size, and introducing network delays to confuse an adversary. Although these mitigations have been shown to be effective, reducing the accuracy to 10%, the overhead is high. The latency overhead is above 100% and the bandwidth overhead is at least 30%. We introduce a new realistic cover traffic algorithm, based on a user’s previous network traffic, to mitigate website fingerprinting attacks. In simulations, our algorithm reduces the accuracy of attacks to 14% with zero latency overhead and about 20% bandwidth overhead. In real-world experiments, our algorithms reduces the accuracy of attacks to 16% with only 20% bandwidth overhead.
Copyright © 2019 Weiqi Cui et al., licensed to EAI. This is an open access article distributed under the terms of the Creative Commons Attribution license (http://creativecommons.org/licenses/by/3.0/), which permits unlimited use, distribution and reproduction in any medium so long as the original work is properly cited.
