Website Fingerprinting (WF) attacks threaten user privacy on anonymity networks such as Tor because they can be used by network surveillants to identify the web pages a user is visiting by extracting the size and timing information of the user’s encrypted network traffic; however, Tor is currently undefended against WF because existing defenses have not convincingly shown their effectiveness. Some defenses have been overcome by newer attacks; other defenses have never been implemented and tested in a real open-world scenario, as they had unsolved practical issues for deployment. In this thesis, we focused on designing and evaluating effective defenses that can be deployed in the real Tor network. We proposed three effective defenses that incurred different overhead levels, targeting use...[ Read more ]

Website Fingerprinting (WF) attacks threaten user privacy on anonymity networks such as Tor because they can be used by network surveillants to identify the web pages a user is visiting by extracting the size and timing information of the user’s encrypted network traffic; however, Tor is currently undefended against WF because existing defenses have not convincingly shown their effectiveness. Some defenses have been overcome by newer attacks; other defenses have never been implemented and tested in a real open-world scenario, as they had unsolved practical issues for deployment. In this thesis, we focused on designing and evaluating effective defenses that can be deployed in the real Tor network. We proposed three effective defenses that incurred different overhead levels, targeting users with different security preferences. To deploy and evaluate the effectiveness of the WF defenses, we built a general platform for WF defense implementation.

We first proposed two zero-delay defenses, FRONT, and GLUE. FRONT and GLUE are two practical defenses specifically designed for achieving low overhead. We observed that WF attacks rely on the feature-rich trace front, so FRONT focuses on obfuscating the trace front with dummy packets. It also randomizes the number and distribution of dummy packets for trace-to-trace randomness to impede the attacker’s learning process. GLUE adds dummy packets between separate traces so that they appear to the attacker as a long consecutive trace, rendering the attacker unable to find their start or end points, let alone classify them. Our experiments show that with only 33% data overhead, FRONT reduces the F1-score of the best attack from 0.94 to 0.47. By comparison, the best-known lightweight defense, WTF-PAD, only reduces it to 0.70. With around 22% ― 44% data overhead, GLUE can lower the true positive rate and precision of the best WF attacks to less than 15%, approaching the performance of the best heavyweight defenses.

FRONT is strong and efficient as a lightweight defense, but it is ineffective if we want to reduce the attacker’s true positive rate below 50%. To further thwart WF attacks, we proposed a strong defense, Surakav. Surakav makes use of a Generative Adversarial Network (GAN) to generate realistic sending patterns and regulates buffered data according to these patterns. Experiments show that Surakav is able to reduce the attacker’s true positive rate by 57% with 55% data overhead and 16% time overhead, saving 42% data overhead compared to FRONT. In the heavyweight setting, Surakav outperforms the strongest known defense, Tamaraw, requiring 50% less overhead in data and time to lower the attacker’s true positive rate to only 8%.

We observed that most WF defenses are claimed to be effective only in simulation; few have been implemented and tested in the real world. To determine how these defenses perform in the real world, we built WFDefProxy, a general platform for WF defense implementation on Tor as pluggable transports. We created the first full implementation of five WF defenses: FRONT, Surakav, Tamaraw, RegulaTor, and Random-WT. We evaluated each defense extensively by directly collecting defended datasets in the real Tor network under WFDefProxy. We spotted that defense simulations can be inaccurate, leading to an inaccurate conclusion on a defense performance. Therefore, it is important to evaluate defenses as implementations instead of only simulations to avoid potential misjudgment.