1. bookVolume 2020 (2020): Issue 2 (April 2020)
Zeitschriftendaten
License
Format
Zeitschrift
Erstveröffentlichung
16 Apr 2015
Erscheinungsweise
4 Hefte pro Jahr
Sprachen
Englisch
access type Open Access

Protecting against Website Fingerprinting with Multihoming

Online veröffentlicht: 08 May 2020
Seitenbereich: 89 - 110
Eingereicht: 31 Aug 2019
Akzeptiert: 16 Dec 2019
Zeitschriftendaten
License
Format
Zeitschrift
Erstveröffentlichung
16 Apr 2015
Erscheinungsweise
4 Hefte pro Jahr
Sprachen
Englisch

Anonymous communication tools, such as Tor, are extensively employed by users who want to keep their web activity private. But recent works have shown that when a local, passive adversary observes nothing more than the timestamp, size and direction (incoming or outgoing) of the packets, it can still identify with high accuracy the website accessed by a user. Several defenses against these website fingerprinting attacks have been proposed but they come at the cost of a significant overhead in traffic and/or website loading time. We propose a defense against website fingerprinting which exploits multihoming, where a user can access the Internet by sending the traffic through multiple networks. With multihoming, it is possible to protect against website fingerprinting by splitting traffic among the networks, i.e., by removing packets from one network and sending them through another, whereas current defenses can only add packets. This enables us to design a defense with no traffic overhead that, as we show through extensive experimentation against state-of-the-art attacks, reaches the same level of privacy as the best existing practical defenses. We describe and evaluate a proof-ofconcept implementation of our defense and show that is does not add significant loading-time overhead. Our solution is compatible with other state-of-the-art defenses, and we show that combining it with another defense further improves privacy.

[1] Improving Network Reliability Using Multipath TCP. https://developer.apple.com/documentation/foundation/urlsessionconfiguration/improving_network_reliability_using_multipath_tcp, accessed Nov. 2019.Search in Google Scholar

[2] The Tor project. Pluggable Transports. https://2019.www.torproject.org/docs/pluggable-transports, accessed Nov. 2019.Search in Google Scholar

[3] Tor: Inception. https://www.torproject.org/about/torusers.html.en, accessed Nov. 2019.Search in Google Scholar

[4] ISPs Sell Clickstreams For $5 A Month, 2007. https://seekingalpha.com/article/29449-compete-ceo-isps-sellclickstreams-for-5-a-month, accessed Nov. 2019.Search in Google Scholar

[5] Padding Negotiation. Tor Proposal 254, 2015. github.com/torproject/torspec/blob/master/proposals/254-padding-negotiation.txt, accessed Nov. 2019.Search in Google Scholar

[6] Kota Abe and Shigeki Goto. Fingerprinting Attack on Tor Anonymity using Deep Learning. Proceedings of the Asia-Pacific Advanced Network, 2016.Search in Google Scholar

[7] Aditya Akella, Bruce Maggs, Srinivasan Seshan, Anees Shaikh, and Ramesh Sitaraman. A Measurement-Based Analysis of Multihoming. In ACM SIGCOMM Conference, 2003.Search in Google Scholar

[8] Mashael AlSabah, Kevin Bauer, Tariq Elahi, and Ian Goldberg. The Path Less Travelled: Overcoming Tor’s Bottlenecks with Traffic Splitting. Proceedings on Privacy Enhancing Technologies, 2013.Search in Google Scholar

[9] Sanjit Bhat, David Lu, Albert Kwon, and Srinivas Devadas. Var-CNN: A Data-Efficient Website Fingerprinting Attack Based on Deep Learning. Proceedings on Privacy Enhancing Technologies, 2019.Search in Google Scholar

[10] George Blakley. Safeguarding Cryptographic Keys. In National Computer Conference, 1979.Search in Google Scholar

[11] Olivier Bonaventure and SungHoon Seo. Multipath TCP Deployments. https://www.ietfjournal.org/multipath-tcpdeployments, accessed Nov. 2019.Search in Google Scholar

[12] D. Borman, B. Braden, V. Jacobson, and R. Scheffenegger. TCP Extensions for High Performance. RFC 7323, 2014.Search in Google Scholar

[13] Xiang Cai, Rishab Nithyanand, and Rob Johnson. CSBuFLO: A Congestion Sensitive Website Fingerprinting Defense. In ACM Workshop on Privacy in the Electronic Society, 2014.Search in Google Scholar

[14] Xiang Cai, Rishab Nithyanand, Tao Wang, Rob Johnson, and Ian Goldberg. A Systematic Approach to Developing and Evaluating Website Fingerprinting Defenses. In ACM Conference on Computer and Communications Security, 2014.Search in Google Scholar

[15] Xiang Cai, Xin Cheng Zhang, Brijesh Joshi, and Rob Johnson. Touching from a Distance: Website Fingerprinting Attacks and Defenses. In ACM Conference on Computer and Communications Security, 2012.Search in Google Scholar

[16] Yung-Chih Chen, Yeon-sup Lim, Richard J Gibbens, Erich M Nahum, Ramin Khalili, and Don Towsley. A Measurementbased Study of Multipath TCP Performance over Wireless Networks. In ACM Internet Measurement Conference, 2013.Search in Google Scholar

[17] Yung-Chih Chen and Don Towsley. On Bufferbloat and Delay Analysis of Multipath TCP in Wireless Networks. In IFIP Networking Conference, 2014.Search in Google Scholar

[18] Heyning Cheng and Ron Avnur. Traffic Analysis of SSL Encrypted Web Browsing, 1998. https://pdfs.semanticscholar.org/1a98/7c4fe65fa347a863dece665955ee7e01791b.pdf, accessed Nov. 2019.Search in Google Scholar

[19] Giovanni Cherubin, Jamie Hayes, and Marc Juarez. Website Fingerprinting Defenses at the Application Layer. Proceedings on Privacy Enhancing Technologies, 2017.Search in Google Scholar

[20] Weiqi Cui, Tao Chen, Christian Fields, Julianna Chen, Anthony Sierra, and Eric Chan-Tin. Revisiting Assumptions for Website Fingerprinting Attacks. In ACM Asia Conference on Computer and Communications Security, 2019.Search in Google Scholar

[21] George Danezis. Traffic Analysis of the HTTP Protocol over TLS, 2010.Search in Google Scholar

[22] Quentin De Coninck and Olivier Bonaventure. Multipath QUIC: Design and Evaluation. In ACM International Conference on emerging Networking EXperiments and Technologies, 2017.Search in Google Scholar

[23] Wladimir De la Cadena, Asya Mitseva, Jan Pennekamp, Jens Hiller, Fabian Lanze, Thomas Engel, Klaus Wehrle, and Andriy Panchenko. Traffic Splitting to Counter Website Fingerprinting. In ACM Conference on Computer and Communications Security, 2019.Search in Google Scholar

[24] Kevin P Dyer, Scott E Coull, Thomas Ristenpart, and Thomas Shrimpton. Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail. In IEEE Symposium on Security and Privacy, 2012.Search in Google Scholar

[25] Nick Feamster and Roger Dingledine. Location Diversity in Anonymity Networks. In ACM Workshop on Privacy in the Electronic Society, 2004.Search in Google Scholar

[26] Saman Feghhi and Douglas J Leith. A Web Traffic Analysis Attack Using Only Timing Information. IEEE Transactions on Information Forensics and Security, 2016.Search in Google Scholar

[27] Alan Ford, Costin Raiciu, Mark Handley, Sébastien Barré, and Janardhan Iyengar. Architectural Guidelines for Multipath TCP Development. RFC 6182, 2011.Search in Google Scholar

[28] Alan Ford, Costin Raiciu, Mark Handley, and Olivier Bonaventure. TCP Extensions for Multipath Operation with Multiple Addresses. RFC 6824, 2013.Search in Google Scholar

[29] Alexander Frommgen, Tobias Erbshäußer, Alejandro Buchmann, Torsten Zimmermann, and Klaus Wehrle. ReMPTCP: Low Latency Multipath TCP. In IEEE International Conference on Communications, 2016.Search in Google Scholar

[30] Jamie Hayes and George Danezis. k-fingerprinting: A Robust Scalable Website Fingerprinting Technique. In USENIX Security Symposium, 2016.Search in Google Scholar

[31] Sébastien Henri, Christina Vlachou, Julien Herzen, and Patrick Thiran. EMPoWER Hybrid Networks: Exploiting Multiple Paths over Wireless and ElectRical Mediums. In ACM International Conference on emerging Networking EXperiments and Technologies, 2016.Search in Google Scholar

[32] Dominik Herrmann, Rolf Wendolsky, and Hannes Federrath. Website Fingerprinting: Attacking Popular Privacy Enhancing Technologies with the Multinomial Naïve-Bayes Classifier. In ACM Workshop on Cloud Computing Security, 2009.Search in Google Scholar

[33] Janardhan R Iyengar, Paul D Amer, and Randall Stewart. Concurrent Multipath Transfer using SCTP Multihoming over Independent End-to-End Paths. IEEE/ACM Transactions on Networking, 2006.Search in Google Scholar

[34] Rob Jansen, Marc Juarez, Rafael Galvez, Tariq Elahi, and Claudia Diaz. Inside Job: Applying Traffic Analysis to Measure Tor from Within. In Network and Distributed System Security Symposium, 2018.Search in Google Scholar

[35] Marc Juarez, Sadia Afroz, Gunes Acar, Claudia Diaz, and Rachel Greenstadt. A Critical Evaluation of Website Fingerprinting Attacks. In ACM Conference on Computer and Communications Security, 2014.Search in Google Scholar

[36] Marc Juarez, Mohsen Imani, Mike Perry, Claudia Diaz, and Matthew Wright. Toward an Efficient Website Fingerprinting Defense. In European Symposium on Research in Computer Security, 2016.Search in Google Scholar

[37] Taeho Jung, Xiang-Yang Li, Zhiguo Wan, and Meng Wan. Privacy Preserving Cloud Data Access with Multi-Authorities. In IEEE INFOCOM, 2013.Search in Google Scholar

[38] Hasan T Karaoglu, Mehmet Burak Akgun, Mehmet Hadi Gunes, and Murat Yuksel. Multi Path Considerations for Anonymized Routing: Challenges and Opportunities. In Conference on New Technologies, Mobility and Security, 2012.Search in Google Scholar

[39] Jin Li, Xiaofeng Chen, Mingqiang Li, Jingwei Li, Patrick PC Lee, and Wenjing Lou. Secure Deduplication with Efficient and Reliable Convergent Key Management. IEEE Transactions on Parallel and Distributed Systems, 2014.Search in Google Scholar

[40] Ming Li, Shucheng Yu, Yao Zheng, Kui Ren, and Wenjing Lou. Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption. IEEE Transactions on Parallel and Distributed Systems, 2013.Search in Google Scholar

[41] Shuai Li, Huajun Guo, and Nicholas Hopper. Measuring Information Leakage in Website Fingerprinting Attacks and Defenses. In ACM Conference on Computer and Communications Security, 2018.Search in Google Scholar

[42] Igor Lopez, Marina Aguado, Christian Pinedo, and Eduardo Jacob. SCADA Systems in the Railway Domain: Enhancing Reliability Through Redundant Multipath TCP. In IEEE International Conference on Intelligent Transportation Systems, 2015.Search in Google Scholar

[43] Brad Miller, Ling Huang, Anthony D Joseph, and J Doug Tygar. I Know Why You Went to the Clinic: Risks and Realization of HTTPS Traffic Analysis. Proceedings on Privacy Enhancing Technologies, 2014.Search in Google Scholar

[44] Se Eun Oh, Saikrishna Sunkam, and Nicholas Hopper. p- FP: Extraction, Classification, and Prediction of Website Fingerprints with Deep Learning. Proceedings on Privacy Enhancing Technologies, 2019.Search in Google Scholar

[45] Rebekah Overdorf, Mark Juarez, Gunes Acar, Rachel Greenstadt, and Claudia Diaz. How Unique is Your.onion?: An Analysis of the Fingerprintability of Tor Onion Services. In ACM Conference on Computer and Communications Security, 2017.Search in Google Scholar

[46] Christoph Paasch and Sébastien Barré. Multipath TCP in the Linux Kernel. https://www.multipath-tcp.org, accessed Nov. 2019.Search in Google Scholar

[47] Christoph Paasch and Sébastien Barré. Multipath TCP in the Linux Kernel – Configure MPTCP. https://multipathtcp.org/pmwiki.php/Users/ConfigureMPTCP, accessed Nov. 2019.Search in Google Scholar

[48] Andriy Panchenko, Fabian Lanze, Jan Pennekamp, Thomas Engel, Andreas Zinnen, Martin Henze, and Klaus Wehrle. Website Fingerprinting at Internet Scale. In Network and Distributed System Security Symposium, 2016.Search in Google Scholar

[49] Andriy Panchenko, Lukas Niessen, Andreas Zinnen, and Thomas Engel. Website Fingerprinting in Onion Routing Based Anonymization Networks. In ACM Workshop on Privacy in the Electronic Society, 2011.Search in Google Scholar

[50] Mike Perry. Experimental Defense for Website Traffic Fingerprinting. Tor project Blog. https://blog.torproject.org/experimental-defense-website-traffic-fingerprinting, 2011.Search in Google Scholar

[51] Abdullah Qasem, Sami Zhioua, and Karima Makhlouf. Finding a Needle in a Haystack: The Traffic Analysis Version. Proceedings on Privacy Enhancing Technologies, 2019.Search in Google Scholar

[52] Costin Raiciu, Sebastien Barre, Christopher Pluntke, Adam Greenhalgh, Damon Wischik, and Mark Handley. Improving Datacenter Performance and Robustness with Multipath TCP. In ACM SIGCOMM Conference, 2011.Search in Google Scholar

[53] Costin Raiciu, Christoph Paasch, Sébastien Barré, Alan Ford, Michio Honda, Fabien Duchêne, Olivier Bonaventure, and Mark Handley. How Hard Can It Be? Designing and Implementing a Deployable Multipath TCP. In USENIX Symposium on Networked Systems Design and Implementation, 2012.Search in Google Scholar

[54] Maxim Raya and Jean-Pierre Hubaux. Securing Vehicular Ad-Hoc Networks. Journal of Computer Security, 2007.Search in Google Scholar

[55] Vera Rimmer, Davy Preuveneers, Marc Juarez, Tom Van Goethem, and Wouter Joosen. Automated Website Fingerprinting through Deep Learning. In Network and Distributed System Security Symposium, 2018.Search in Google Scholar

[56] F Rochet, O Pereira, and O Bonaventure. Moving Tor Circuits Towards Multiple-Path: Anonymity and Performance Considerations. Technical report, UC Louvain, 2015. https://pdfs.semanticscholar.org/aa94/7dd4762bd0f6531bacfeac9d29ef1e1d4cd6.pdf, accessed Nov. 2019.Search in Google Scholar

[57] Andrei Serjantov and Steven J Murdoch. Message Splitting Against the Partial Adversary. In International Workshop on Privacy Enhancing Technologies, 2005.Search in Google Scholar

[58] Adi Shamir. How to Share a Secret. Communications of the ACM, 1979.Search in Google Scholar

[59] Yi Shi and Kanta Matsuura. Fingerprinting Attack on the Tor Anonymity System. In International Conference on Information and Communications Security, 2009.Search in Google Scholar

[60] Vitaly Shmatikov and Ming-Hsiu Wang. Timing Analysis in Low-Latency Mix Networks: Attacks and Defenses. In European Symposium on Research in Computer Security, 2006.Search in Google Scholar

[61] Anatoly Shusterman, Lachlan Kang, Yarden Haskal, Yosef Meltser, Prateek Mittal, Yossi Oren, and Yuval Yarom. Robust Website Fingerprinting through the Cache Occupancy Channel. In USENIX Security Symposium, 2019.Search in Google Scholar

[62] Payap Sirinam, Mohsen Imani, Marc Juarez, and Matthew Wright. Deep Fingerprinting: Undermining Website Fingerprinting Defenses with Deep Learning. In ACM Conference on Computer and Communications Security, 2018.Search in Google Scholar

[63] Emil Stefanov and Elaine Shi. Multi-Cloud Oblivious Storage. In ACM Conference on Computer and Communications Security, 2013.Search in Google Scholar

[64] Randall Stewart. Stream Control Transmission Protocol. RFC 6824, 4960.Search in Google Scholar

[65] David Wagner and Bruce Schneier. Analysis of the SSL 3.0 Protocol. In USENIX Workshop on Electronic Commerce, 1996.Search in Google Scholar

[66] Tao Wang, Xiang Cai, Rishab Nithyanand, Rob Johnson, and Ian Goldberg. Effective Attacks and Provable Defenses for Website Fingerprinting. In USENIX Security Symposium, 2014.Search in Google Scholar

[67] Tao Wang and Ian Goldberg. Improved Website Fingerprinting on Tor. In ACM Workshop on Privacy in the Electronic Society, 2013.Search in Google Scholar

[68] Tao Wang and Ian Goldberg. On Realistically Attacking Tor with Website Fingerprinting. Proceedings on Privacy Enhancing Technologies, 2016.Search in Google Scholar

[69] Tao Wang and Ian Goldberg. Walkie-Talkie: An Efficient Defense Against Passive Website Fingerprinting Attacks. In USENIX Security Symposium, 2017.Search in Google Scholar

[70] Charles Wright, Scott Coull, and Fabian Monrose. Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis. In Network and Distributed System Security Symposium, 2009.Search in Google Scholar

[71] Junhua Yan and Jasleen Kaur. Feature Selection for Website Fingerprinting. Proceedings on Privacy Enhancing Technologies, 2018.Search in Google Scholar

[72] Kiran Yedugundla, Simone Ferlin, Thomas Dreibholz, Özgü Alay, Nicolas Kuhn, Per Hurtig, and Anna Brunstrom. Is Multi-path Transport Suitable for Latency Sensitive Traffic? Computer Networks, 2016.Search in Google Scholar

Recommended articles from Trend MD

Plan your remote conference with Sciendo