Website fingerprinting on early QUIC traffic

نویسندگان

چکیده

Cryptographic protocols have been widely used to protect the user’s privacy and avoid exposing private information. QUIC (Quick UDP Internet Connections), including version originally designed by Google (GQUIC) standardized IETF (IQUIC), as alternatives traditional HTTP, demonstrate their unique transmission characteristics: based on for encrypted resource transmitting, accelerating web page rendering. However, existing schemes TCP are vulnerable website fingerprinting (WFP) attacks, allowing adversaries infer users’ visited websites eavesdropping channel. Whether GQUIC IQUIC can effectively resist such attacks is worth investigating. In this paper, we study vulnerabilities of GQUIC, IQUIC, HTTPS WFP from perspective traffic analysis. Extensive experiments show that, in early scenario, most among HTTPS, while more than but vulnerability three similar normal full scenario. Features transferring analysis shows that features transferable between when which enable adversary use proven effective a special protocol efficiently attacking new protocol. combining with qualitative latent feature representation, find inefficient traffic, significantly different magnitude variation distribution traffic. By upgrading one-time multiple Top-a attack accuracy reach 95.4% 95.5%, respectively, only 40 packets just using simple features, whereas 60.7% HTTPS. Finally, conducting flawed networks, also slightly dependent network environment.

برای دانلود باید عضویت طلایی داشته باشید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Website Fingerprinting using Traffic Analysis Attacks

Website fingerprinting is the act of recognizing web traffic through surveillance despite the use of encryption or anonymizing software. The overall idea is to leverage the fact that many web sites have specific request patterns, response byte counts, and other similar coarse features that are known beforehand. This information can be used to recognize and classify different website traffic des...

متن کامل

On Realistically Attacking Tor with Website Fingerprinting

Website fingerprinting allows a local, passive observer monitoring a web-browsing client’s encrypted channel to determine her web activity. Previous attacks have shown that website fingerprinting could be a threat to anonymity networks such as Tor under laboratory conditions. However, there are significant differences between laboratory conditions and realistic conditions. First, in laboratory ...

متن کامل

Website Fingerprinting at Internet Scale

The website fingerprinting attack aims to identify the content (i.e., a webpage accessed by a client) of encrypted and anonymized connections by observing patterns of data flows such as packet size and direction. This attack can be performed by a local passive eavesdropper – one of the weakest adversaries in the attacker model of anonymization networks such as Tor. In this paper, we present a n...

متن کامل

Deep Learning Website Fingerprinting Features

Anonymity networks like Tor enable Internet users to browse the web anonymously. This helps citizens circumvent censorship from repressive governments, journalists communicate with anonymous sources or regular users to avoid tracking online. However, adversaries can try to identify anonymous users by deploying several attacks. One of such attacks is website fingerprinting. Website fingerprintin...

متن کامل

Poster: Novel Website Fingerprinting Techniques

Web-browsing clients may choose to browse the web by using proxies with encryption to secure their privacy. An attacker watching the outgoing connection of such a client will not be able to know the content or destination of their packets, unless the attacker uses website fingerprinting. Website fingerprinting is the process by which an attacker identifies which server a client is communicating...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

ژورنال

عنوان ژورنال: Computer Networks

سال: 2021

ISSN: ['1872-7069', '1389-1286']

DOI: https://doi.org/10.1016/j.comnet.2021.108538