Website fingerprinting on early QUIC traffic

Cryptographic protocols have been widely used to protect the user’s privacy and avoid exposing private information. QUIC (Quick UDP Internet Connections), including version originally designed by Google (GQUIC) standardized IETF (IQUIC), as alternatives traditional HTTP, demonstrate their unique transmission characteristics: based on for encrypted resource transmitting, accelerating web page rendering. However, existing schemes TCP are vulnerable website fingerprinting (WFP) attacks, allowing adversaries infer users’ visited websites eavesdropping channel. Whether GQUIC IQUIC can effectively resist such attacks is worth investigating. In this paper, we study vulnerabilities of GQUIC, IQUIC, HTTPS WFP from perspective traffic analysis. Extensive experiments show that, in early scenario, most among HTTPS, while more than but vulnerability three similar normal full scenario. Features transferring analysis shows that features transferable between when which enable adversary use proven effective a special protocol efficiently attacking new protocol. combining with qualitative latent feature representation, find inefficient traffic, significantly different magnitude variation distribution traffic. By upgrading one-time multiple Top-a attack accuracy reach 95.4% 95.5%, respectively, only 40 packets just using simple features, whereas 60.7% HTTPS. Finally, conducting flawed networks, also slightly dependent network environment.