This file was created by the TYPO3 extension
bib
--- Timezone: CEST
Creation date: 2024-05-04
Creation time: 23-57-07
--- Number of references
7
inproceedings
2021_mitseva_sequences
POSTER: How Dangerous is My Click? Boosting Website Fingerprinting By Considering Sequences of Webpages
2021
11
17
2411-2413
Website fingerprinting (WFP) is a special case of traffic analysis, where a passive attacker infers information about the content of encrypted and anonymized connections by observing patterns of data flows. Although modern WFP attacks pose a serious threat to online privacy of users, including Tor users, they usually aim to detect single pages only. By ignoring the browsing behavior of users, the attacker excludes valuable information: users visit multiple pages of a single website consecutively, e.g., by following links. In this paper, we propose two novel methods that can take advantage of the consecutive visits of multiple pages to detect websites. We show that two up to three clicks within a site allow attackers to boost the accuracy by more than 20% and to dramatically increase the threat to users' privacy. We argue that WFP defenses have to consider this new dimension of the attack surface.
Traffic Analysis; Website Fingerprinting; Web Privacy
https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-mitseva-fingerprinting-sequences.pdf
ACM
Proceedings of the 28th ACM SIGSAC Conference on Computer and Communications Security (CCS '21), November 15-19, 2021, Seoul, Korea
Seoul, Korea
November 15-19, 2021
978-1-4503-8454-4/21/11
10.1145/3460120.3485347
1
AsyaMitseva
JanPennekamp
JohannesLohmöller
TorstenZiemann
CarlHoerchner
KlausWehrle
AndriyPanchenko
inproceedings
2020_delacadena_trafficsliver
TrafficSliver: Fighting Website Fingerprinting Attacks with Traffic Splitting
2020
11
12
1971-1985
Website fingerprinting (WFP) aims to infer information about the content of encrypted and anonymized connections by observing patterns of data flows based on the size and direction of packets. By collecting traffic traces at a malicious Tor entry node — one of the weakest adversaries in the attacker model of Tor — a passive eavesdropper can leverage the captured meta-data to reveal the websites visited by a Tor user. As recently shown, WFP is significantly more effective and realistic than assumed. Concurrently, former WFP defenses are either infeasible for deployment in real-world settings or defend against specific WFP attacks only.
To limit the exposure of Tor users to WFP, we propose novel lightweight WFP defenses, TrafficSliver, which successfully counter today’s WFP classifiers with reasonable bandwidth and latency overheads and, thus, make them attractive candidates for adoption in Tor. Through user-controlled splitting of traffic over multiple Tor entry nodes, TrafficSliver limits the data a single entry node can observe and distorts repeatable traffic patterns exploited by WFP attacks. We first propose a network-layer defense, in which we apply the concept of multipathing entirely within the Tor network. We show that our network-layer defense reduces the accuracy from more than 98% to less than 16% for all state-of-the-art WFP attacks without adding any artificial delays or dummy traffic. We further suggest an elegant client-side application-layer defense, which is independent of the underlying anonymization network. By sending single HTTP requests for different web objects over distinct Tor entry nodes, our application-layer defense reduces the detection rate of WFP classifiers by almost 50 percentage points. Although it offers lower protection than our network-layer defense, it provides a security boost at the cost of a very low implementation overhead and is fully compatible with today’s Tor network.
Traffic Analysis; Website Fingerprinting; Privacy; Anonymous Communication; Onion Routing; Web Privacy
https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-delacadena-trafficsliver.pdf
https://github.com/TrafficSliver
ACM
Proceedings of the 27th ACM SIGSAC Conference on Computer and Communications Security (CCS '20), November 9-13, 2020, Orlando, FL, USA
Virtual Event, USA
November 9-13, 2020
978-1-4503-7089-9/20/11
10.1145/3372297.3423351
1
WladimirDe la Cadena
AsyaMitseva
JensHiller
JanPennekamp
SebastianReuter
JulianFilter
KlausWehrle
ThomasEngel
AndriyPanchenko
inproceedings
2019_delacadena_countermeasure
POSTER: Traffic Splitting to Counter Website Fingerprinting
2019
11
12
2533-2535
Website fingerprinting (WFP) is a special type of traffic analysis, which aims to infer the websites visited by a user. Recent studies have shown that WFP targeting Tor users is notably more effective than previously expected. Concurrently, state-of-the-art defenses have been proven to be less effective. In response, we present a novel WFP defense that splits traffic over multiple entry nodes to limit the data a single malicious entry can use. Here, we explore several traffic-splitting strategies to distribute user traffic. We establish that our weighted random strategy dramatically reduces the accuracy from nearly 95% to less than 35% for four state-of-the-art WFP attacks without adding any artificial delays or dummy traffic.
https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-delacadena-splitting-defense.pdf
ACM
Proceedings of the 26th ACM SIGSAC Conference on Computer and Communications Security (CCS '19), November 11-15, 2019, London, United Kingdom
London, United Kingdom
November 11-15, 2019
978-1-4503-6747-9/19/11
10.1145/3319535.3363249
1
WladimirDe la Cadena
AsyaMitseva
JanPennekamp
JensHiller
FabianLanze
ThomasEngel
KlausWehrle
AndriyPanchenko
inproceedings
2019_pennekamp_multipath
Multipathing Traffic to Reduce Entry Node Exposure in Onion Routing
2019
10
7
Users of an onion routing network, such as Tor, depend on its anonymity properties. However, especially malicious entry nodes, which know the client’s identity, can also observe the whole communication on their link to the client and, thus, conduct several de-anonymization attacks. To limit this exposure and to impede corresponding attacks, we propose to multipath traffic between the client and the middle node to reduce the information an attacker can obtain at a single vantage point. To facilitate the deployment, only clients and selected middle nodes need to implement our approach, which works transparently for the remaining legacy nodes. Furthermore, we let clients control the splitting strategy to prevent any external manipulation.
Poster Session
https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-pennekamp-multipathing.pdf
IEEE
Proceedings of the 27th IEEE International Conference on Network Protocols (ICNP '19), October 7-10, 2019, Chicago, IL, USA
Chicago, IL, USA
27th IEEE International Conference on Network Protocols (ICNP 2019)
7-10. Oct. 2019
978-1-7281-2700-2
2643-3303
10.1109/ICNP.2019.8888029
1
JanPennekamp
JensHiller
SebastianReuter
WladimirDe la Cadena
AsyaMitseva
MartinHenze
ThomasEngel
KlausWehrle
AndriyPanchenko
inproceedings
2017-panchenko-wpes-fingerprinting
Analysis of Fingerprinting Techniques for Tor Hidden Services
2017
10
30
https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-panchenko-wpes-fingerprinting.pdf
Online
ACM
Proceedings of the 16th Workshop on Privacy in the Electronic Society (WPES), co-located with the 24th ACM Conference on Computer and Communications Security (CCS), Dallas, TX, USA
en
978-1-4503-5175-1
10.1145/3139550.3139564
1
AndriyPanchenko
AsyaMitseva
MartinHenze
FabianLanze
KlausWehrle
ThomasEngel
inproceedings
2016-mitseva-ccs-fingerprinting
POSTER: Fingerprinting Tor Hidden Services
2016
10
24
1766-1768
https://www.comsys.rwth-aachen.de/fileadmin/papers/2016/2016-mitseva-ccs-fingerprinting.pdf
Online
ACM
Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS), Vienna, Austria
en
978-1-4503-4139-4
10.1145/2976749.2989054
1
AsyaMitseva
AndriyPanchenko
FabianLanze
MartinHenze
KlausWehrle
ThomasEngel
inproceedings
Mobileoffloading_2013
Mobile Adhoc Offloading in Wireless Ad hoc Network
2013
http://arxiv.org/abs/1401.4528
Proc. of MANIAC 2013: Mobile Offloading competition
MANIAC 2013
Berlin, Germany
DiLi
AsyaMitseva