Abstract-The website fingerprinting attack aims to identify the content (i.e., a webpage accessed by a client) of encrypted and anonymized connections by observing patterns of data flows such as packet size and direction. This attack can be performed by a local passive eavesdropper -one of the weakest adversaries in the attacker model of anonymization networks such as Tor.In this paper, we present a novel website fingerprinting attack. Based on a simple and comprehensible idea, our approach outperforms all state-of-the-art methods in terms of classification accuracy while being computationally dramatically more efficient. In order to evaluate the severity of the website fingerprinting attack in reality, we collected the most representative dataset that has ever been built, where we avoid simplified assumptions made in the related work regarding selection and type of webpages and the size of the universe. Using this data, we explore the practical limits of website fingerprinting at Internet scale. Although our novel approach is by orders of magnitude computationally more efficient and superior in terms of detection accuracy, for the first time we show that no existing method -including our own -scales when applied in realistic settings. With our analysis, we explore neglected aspects of the attack and investigate the realistic probability of success for different strategies a real-world adversary may follow.
Abstract-Anonymous communication aims to hide the relationship between communicating parties on the Internet. It is the technical basis for achieving privacy and overcoming censorship. Presently there are only a few systems that are of practical relevance for providing anonymity. One of the most widespread and well researched is Tor which is based on onion routing.Usage of Tor, however, often leads to long delays which are not tolerated by end-users. This, in return, discourages many of them from using the system and lowers the protection for the remaining ones. In this paper we analyze the bottlenecks in the Tor network and propose new methods of path selection that better utilize available capacities in the heterogeneous network and allow performance-improved onion routing. Our methods are based on the combination of remotely measured current load of the nodes and an estimation of their maximum capacity. We evaluate the proposed methods in a Tor network running in PlanetLab where we tried as far as possible to recreate real-world conditions. Finally, we present a practical approach to empirically analyze the strength of anonymity that different methods of path selection provide in comparison to each other. We show the risk of the currently used method for path selection in Tor and provide a countermeasure to protect against this risk by effectively detecting nodes that lie about their capacity.
Commonly used identifiers for IEEE 802.11 access points (APs), such as network name (SSID), MAC, or IP address can be easily spoofed. This allows an attacker to fake a real AP and intercept, collect, or alter (potentially even encrypted) data.In this paper, we address the aforementioned problem by studying limits of unique remote physical device identification based on their clock skew-an unavoidable phenomenon that causes clocks to run at marginal but measurably different speed. To this end, we propose an algorithm for passive fingerprinting using timestamps regularly sent by APs in beacon frames. The major advantages of our method are that it is online and that we are able to eliminate the influence of clock skew of the measurement device. Hence, fingerprints performed by different devices become comparable. We calculate the precision of our clock skew measurement algorithm and provide a termination criterion for estimation of the clock skew with arbitrary precision. Moreover, conducting a large scale evaluation, we study the stability and uniqueness of clock skew as a means for remote wireless device identification.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.