DeepSE-WF: Unified Security Estimation for Website Fingerprinting Defenses

Website fingerprinting (WF) attacks, usually conducted with the help of a machine learning-based classifier, enable network eavesdropper to pinpoint which website user is accessing through inspection traffic patterns. These attacks have been shown succeed even when users browse Internet encrypted tunnels, e.g., Tor or VPNs. To assess security new defenses against WF recent works proposed feature-dependent theoretical frameworks that estimate Bayes error an adversary's features set mutual information leaked by manually-crafted features. Unfortunately, as increasingly rely on deep learning and latent feature spaces, our experiments show estimations based simpler (and less informative) can no longer be trusted potential success adversary in defeating such defenses. In this work, we propose DeepSE-WF, novel estimation framework leverages specialized kNN-based estimators produce estimates from learned thus bridging gap between current methods. Our evaluation reveals DeepSE-WF produces tighter than previous frameworks, reducing required computational resources output one order magnitude.