Few-shot website fingerprinting attack

“…With the anonymized network traffic data of the single webpage as the input, different WF attacks have been proposed. They can be mainly divided into three categories: traditional ST-WFA [4][5][6][9][10][11], deep learning based ST-WFA [3,7,8,12] and few-shot ST-WFA [13][14][15].…”

“…Deep models often need a large number of training data, which could be difficult to collect in many cases. To overcome this challenge, few-shot learning has been introduced with representative works including TF [13], TLFA [14], and HDA [15]. In particular, TLFA can achieve over 90% accuracy with only one sample per new website through knowledge reuse of seen websites.…”

“…As a result, there are a total of 18 different overlapping types. With the single-tab traces from DS-19 ATTACKTRAIN , we generate 9900 × 18/ -tab traces for each ∈ [2,5,8,11,14,17] and the overlapping types are randomly selected. With the base rate r = 10, there are 900 × 18 single monitored traces and 9000 × 18 single unmonitored traces for every case.…”

“…The 100way 20-shot performance means that, with 100 new websites of AWF te , we freeze the feature extractor and only fine-tune its classifier with only 20 samples per website, and test the finetuned model in the closed-world scenario in which another 15 samples per website are randomly chosen. Except for the input of a 512-length burst sequence, we follow the same training and test setting of Chen [14], with the logistic regression classifier. About the baseline TLFA [14], we choose the 5000length cell sequence as input, DF [8] as the feature extractor, and the logistic regression as the classifier.…”

“…However, by observing the side-channel pattern without decryption on any one of the on-path routers before entering Tor's entry proxy, an attacker could still compromise a user's browsing privacy via traffic analysis, i.e., website fingerprinting attack (WFA). In the past decade, an extensive number of existing studies [3][4][5][6][7][8][9][10][11][12] have achieved remarkable success, even with only a few training samples per website [13][14][15].…”

End-to-End Multi-Tab Website Fingerprinting Attack: A Detection Perspective

“…With the anonymized network traffic data of the single webpage as the input, different WF attacks have been proposed. They can be mainly divided into three categories: traditional ST-WFA [4][5][6][9][10][11], deep learning based ST-WFA [3,7,8,12] and few-shot ST-WFA [13][14][15].…”

“…Deep models often need a large number of training data, which could be difficult to collect in many cases. To overcome this challenge, few-shot learning has been introduced with representative works including TF [13], TLFA [14], and HDA [15]. In particular, TLFA can achieve over 90% accuracy with only one sample per new website through knowledge reuse of seen websites.…”

“…As a result, there are a total of 18 different overlapping types. With the single-tab traces from DS-19 ATTACKTRAIN , we generate 9900 × 18/ -tab traces for each ∈ [2,5,8,11,14,17] and the overlapping types are randomly selected. With the base rate r = 10, there are 900 × 18 single monitored traces and 9000 × 18 single unmonitored traces for every case.…”

“…The 100way 20-shot performance means that, with 100 new websites of AWF te , we freeze the feature extractor and only fine-tune its classifier with only 20 samples per website, and test the finetuned model in the closed-world scenario in which another 15 samples per website are randomly chosen. Except for the input of a 512-length burst sequence, we follow the same training and test setting of Chen [14], with the logistic regression classifier. About the baseline TLFA [14], we choose the 5000length cell sequence as input, DF [8] as the feature extractor, and the logistic regression as the classifier.…”

“…However, by observing the side-channel pattern without decryption on any one of the on-path routers before entering Tor's entry proxy, an attacker could still compromise a user's browsing privacy via traffic analysis, i.e., website fingerprinting attack (WFA). In the past decade, an extensive number of existing studies [3][4][5][6][7][8][9][10][11][12] have achieved remarkable success, even with only a few training samples per website [13][14][15].…”

End-to-End Multi-Tab Website Fingerprinting Attack: A Detection Perspective

Tiny WFP: Lightweight and Effective Website Fingerprinting via Wavelet Multi-Resolution Analysis

A website fingerprinting technology with time-sampling