Glove: A Bespoke Website Fingerprinting Defense

Proceedings of the 13th Workshop on Privacy in the Electronic Society Pub Date : 2014-11-03 DOI:10.1145/2665943.2665950

Rishab Nithyanand, Xiang Cai, Rob Johnson

{"title":"Glove: A Bespoke Website Fingerprinting Defense","authors":"Rishab Nithyanand, Xiang Cai, Rob Johnson","doi":"10.1145/2665943.2665950","DOIUrl":null,"url":null,"abstract":"Website fingerprinting attacks have recently emerged as a serious threat against web browsing privacy mechanisms, such as SSL, Tor, and encrypting tunnels. Researchers have proposed numerous attacks and defenses, and the Tor project currently includes both network- and browser-level defenses against these attacks, but published defenses have high overhead, poor security, or both. In this paper we present preliminary results of {Glove}, a new SSH based defense. Glove is based on the observation that current defenses are expensive not because website traces are different, but because the defense, operating blindly, does not know how to add cover traffic and therefore, puts it everywhere. Instead, Glove uses existing knowledge of a websites traces to add cover traffic conservatively while maintaining high levels of security. Further, Glove satisfies the information theoretic definitions of security defined in prior work -- i.e., it is resistant to any fingerprinting adversary. Our simulations show that Glove performs better than all currently proposed SSH based defenses in terms of the security-overhead trade-off.","PeriodicalId":408627,"journal":{"name":"Proceedings of the 13th Workshop on Privacy in the Electronic Society","volume":"68 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"80","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 13th Workshop on Privacy in the Electronic Society","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2665943.2665950","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 80

Abstract

Website fingerprinting attacks have recently emerged as a serious threat against web browsing privacy mechanisms, such as SSL, Tor, and encrypting tunnels. Researchers have proposed numerous attacks and defenses, and the Tor project currently includes both network- and browser-level defenses against these attacks, but published defenses have high overhead, poor security, or both. In this paper we present preliminary results of {Glove}, a new SSH based defense. Glove is based on the observation that current defenses are expensive not because website traces are different, but because the defense, operating blindly, does not know how to add cover traffic and therefore, puts it everywhere. Instead, Glove uses existing knowledge of a websites traces to add cover traffic conservatively while maintaining high levels of security. Further, Glove satisfies the information theoretic definitions of security defined in prior work -- i.e., it is resistant to any fingerprinting adversary. Our simulations show that Glove performs better than all currently proposed SSH based defenses in terms of the security-overhead trade-off.

查看原文本刊更多论文

手套:一个定制的网站指纹防御

网站指纹攻击最近成为了对网络浏览隐私机制(如SSL、Tor和加密隧道)的严重威胁。研究人员已经提出了许多攻击和防御，Tor项目目前包括针对这些攻击的网络和浏览器级防御，但发布的防御开销高，安全性差，或者两者兼而有之。在本文中，我们介绍了{Glove}的初步结果，这是一种新的基于SSH的防御。手套是根据观察，目前的防御之所以昂贵，不是因为网站的踪迹不同，而是因为防御，操作盲目，不知道如何增加掩护流量，因此，把它到处放。相反，Glove利用现有的网站追踪信息，在保持高安全性的同时，保守地增加了覆盖流量。此外，Glove满足先前工作中定义的安全的信息理论定义——即，它可以抵抗任何指纹攻击。我们的模拟表明，就安全开销的权衡而言，Glove的性能比目前提出的所有基于SSH的防御都要好。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 13th Workshop on Privacy in the Electronic Society

自引率

0.00%

发文量