Measuring information leakage in website fingerprinting attacks and defenses

Shuai Li; Huajun Guo; Nick Hopper

doi:10.1145/3243734.3243832

Measuring information leakage in website fingerprinting attacks and defenses

Shuai Li, Huajun Guo, Nick Hopper

Computer Science and Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

39 Scopus citations

Abstract

Tor provides low-latency anonymous and uncensored network access against a local or network adversary. Due to the design choice to minimize traffic overhead (and increase the pool of potential users) Tor allows some information about the client’s connections to leak. Attacks using (features extracted from) this information to infer the website a user visits are called Website Fingerprinting (WF) attacks. We develop a methodology and tools to measure the amount of leaked information about a website. We apply this tool to a comprehensive set of features extracted from a large set of websites and WF defense mechanisms, allowing us to make more fine-grained observations about WF attacks and defenses.

Original language	English (US)
Title of host publication	CCS 2018 - Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security
Publisher	Association for Computing Machinery
Pages	1977-1992
Number of pages	16
ISBN (Electronic)	9781450356930
DOIs	https://doi.org/10.1145/3243734.3243832
State	Published - Oct 15 2018
Event	25th ACM Conference on Computer and Communications Security, CCS 2018 - Toronto, Canada Duration: Oct 15 2018 → …

Publication series

Name	Proceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)	1543-7221

Other

Other	25th ACM Conference on Computer and Communications Security, CCS 2018
Country/Territory	Canada
City	Toronto
Period	10/15/18 → …

Bibliographical note

Funding Information:
We would like to thank Tao Wang, Marc Juarez, Michael Carl Tschantz, Vern Paxson, George Karypis, Sheng Chen for the helpful discussions which improved this paper. We thank Marc Juarez et al. for helping us on Tor Browser Crawler. Shuai specially thanks his wife Wen Xing for her support and valued encouragement in this work. This paper is supported by NSF 1314637 and NSF 1815757.

Publisher Copyright:
© 2018 Association for Computing Machinery.

Keywords

Anonymity
Tor
Website fingerprinting

Publisher link

10.1145/3243734.3243832

Find It

Find It at U of M Libraries

Cite this

Li, S., Guo, H., & Hopper, N. (2018). Measuring information leakage in website fingerprinting attacks and defenses. In CCS 2018 - Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (pp. 1977-1992). (Proceedings of the ACM Conference on Computer and Communications Security). Association for Computing Machinery. https://doi.org/10.1145/3243734.3243832

Measuring information leakage in website fingerprinting attacks and defenses. / Li, Shuai; Guo, Huajun; Hopper, Nick.

CCS 2018 - Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, 2018. p. 1977-1992 (Proceedings of the ACM Conference on Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Li, S, Guo, H & Hopper, N 2018, Measuring information leakage in website fingerprinting attacks and defenses. in CCS 2018 - Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. Proceedings of the ACM Conference on Computer and Communications Security, Association for Computing Machinery, pp. 1977-1992, 25th ACM Conference on Computer and Communications Security, CCS 2018, Toronto, Canada, 10/15/18. https://doi.org/10.1145/3243734.3243832

@inproceedings{890d272633dd4bfb9fe11d7fe0e352d9,

title = "Measuring information leakage in website fingerprinting attacks and defenses",

abstract = "Tor provides low-latency anonymous and uncensored network access against a local or network adversary. Due to the design choice to minimize traffic overhead (and increase the pool of potential users) Tor allows some information about the client{\textquoteright}s connections to leak. Attacks using (features extracted from) this information to infer the website a user visits are called Website Fingerprinting (WF) attacks. We develop a methodology and tools to measure the amount of leaked information about a website. We apply this tool to a comprehensive set of features extracted from a large set of websites and WF defense mechanisms, allowing us to make more fine-grained observations about WF attacks and defenses.",

keywords = "Anonymity, Tor, Website fingerprinting",

author = "Shuai Li and Huajun Guo and Nick Hopper",

note = "Funding Information: We would like to thank Tao Wang, Marc Juarez, Michael Carl Tschantz, Vern Paxson, George Karypis, Sheng Chen for the helpful discussions which improved this paper. We thank Marc Juarez et al. for helping us on Tor Browser Crawler. Shuai specially thanks his wife Wen Xing for her support and valued encouragement in this work. This paper is supported by NSF 1314637 and NSF 1815757. Publisher Copyright: {\textcopyright} 2018 Association for Computing Machinery.; 25th ACM Conference on Computer and Communications Security, CCS 2018 ; Conference date: 15-10-2018",

year = "2018",

month = oct,

day = "15",

doi = "10.1145/3243734.3243832",

language = "English (US)",

series = "Proceedings of the ACM Conference on Computer and Communications Security",

publisher = "Association for Computing Machinery",

pages = "1977--1992",

booktitle = "CCS 2018 - Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security",

}

TY - GEN

T1 - Measuring information leakage in website fingerprinting attacks and defenses

AU - Li, Shuai

AU - Guo, Huajun

AU - Hopper, Nick

N1 - Funding Information: We would like to thank Tao Wang, Marc Juarez, Michael Carl Tschantz, Vern Paxson, George Karypis, Sheng Chen for the helpful discussions which improved this paper. We thank Marc Juarez et al. for helping us on Tor Browser Crawler. Shuai specially thanks his wife Wen Xing for her support and valued encouragement in this work. This paper is supported by NSF 1314637 and NSF 1815757. Publisher Copyright: © 2018 Association for Computing Machinery.

PY - 2018/10/15

Y1 - 2018/10/15

N2 - Tor provides low-latency anonymous and uncensored network access against a local or network adversary. Due to the design choice to minimize traffic overhead (and increase the pool of potential users) Tor allows some information about the client’s connections to leak. Attacks using (features extracted from) this information to infer the website a user visits are called Website Fingerprinting (WF) attacks. We develop a methodology and tools to measure the amount of leaked information about a website. We apply this tool to a comprehensive set of features extracted from a large set of websites and WF defense mechanisms, allowing us to make more fine-grained observations about WF attacks and defenses.

AB - Tor provides low-latency anonymous and uncensored network access against a local or network adversary. Due to the design choice to minimize traffic overhead (and increase the pool of potential users) Tor allows some information about the client’s connections to leak. Attacks using (features extracted from) this information to infer the website a user visits are called Website Fingerprinting (WF) attacks. We develop a methodology and tools to measure the amount of leaked information about a website. We apply this tool to a comprehensive set of features extracted from a large set of websites and WF defense mechanisms, allowing us to make more fine-grained observations about WF attacks and defenses.

KW - Anonymity

KW - Tor

KW - Website fingerprinting

UR - http://www.scopus.com/inward/record.url?scp=85056880426&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85056880426&partnerID=8YFLogxK

U2 - 10.1145/3243734.3243832

DO - 10.1145/3243734.3243832

M3 - Conference contribution

AN - SCOPUS:85056880426

T3 - Proceedings of the ACM Conference on Computer and Communications Security

SP - 1977

EP - 1992

BT - CCS 2018 - Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security

PB - Association for Computing Machinery

T2 - 25th ACM Conference on Computer and Communications Security, CCS 2018

Y2 - 15 October 2018

ER -

Measuring information leakage in website fingerprinting attacks and defenses

Abstract

Publication series

Other

Bibliographical note

Keywords

Publisher link

Find It

Other files and links

Fingerprint

Cite this