{"title":"CS-BuFLO:一个对拥塞敏感的网站指纹防御","authors":"Xiang Cai, Rishab Nithyanand, Rob Johnson","doi":"10.1145/2665943.2665949","DOIUrl":null,"url":null,"abstract":"Website fingerprinting attacks enable an adversary to infer which website a victim is visiting, even if the victim uses an encrypting proxy, such as Tor. Previous work has shown that all proposed defenses against website fingerprinting attacks are ineffective. This paper advances the study of website fingerprinting defenses by first laying out the complete specifications of the CS-BuFlo scheme outlined by Cai, et al. CS-BuFlo, which is based on the BuFlo defense proposed by Dyer, et al., was not fully-specified by Cai, et al, but has nonetheless attracted the attention of the Tor developers. Next, a full working implementation of CS-BuFlo is provided. Finally, a thorough evaluation of CS-BuFlo is performed using empirical data (rather than data from simulations). Our experiments find that CS-BuFlo has high overhead (around 2.3-2.8x) but can get 6times closer to the bandwidth/security trade-off lower bound than Tor or SSH.","PeriodicalId":408627,"journal":{"name":"Proceedings of the 13th Workshop on Privacy in the Electronic Society","volume":"29 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"149","resultStr":"{\"title\":\"CS-BuFLO: A Congestion Sensitive Website Fingerprinting Defense\",\"authors\":\"Xiang Cai, Rishab Nithyanand, Rob Johnson\",\"doi\":\"10.1145/2665943.2665949\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Website fingerprinting attacks enable an adversary to infer which website a victim is visiting, even if the victim uses an encrypting proxy, such as Tor. Previous work has shown that all proposed defenses against website fingerprinting attacks are ineffective. This paper advances the study of website fingerprinting defenses by first laying out the complete specifications of the CS-BuFlo scheme outlined by Cai, et al. CS-BuFlo, which is based on the BuFlo defense proposed by Dyer, et al., was not fully-specified by Cai, et al, but has nonetheless attracted the attention of the Tor developers. Next, a full working implementation of CS-BuFlo is provided. Finally, a thorough evaluation of CS-BuFlo is performed using empirical data (rather than data from simulations). Our experiments find that CS-BuFlo has high overhead (around 2.3-2.8x) but can get 6times closer to the bandwidth/security trade-off lower bound than Tor or SSH.\",\"PeriodicalId\":408627,\"journal\":{\"name\":\"Proceedings of the 13th Workshop on Privacy in the Electronic Society\",\"volume\":\"29 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-11-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"149\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 13th Workshop on Privacy in the Electronic Society\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2665943.2665949\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 13th Workshop on Privacy in the Electronic Society","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2665943.2665949","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
CS-BuFLO: A Congestion Sensitive Website Fingerprinting Defense
Website fingerprinting attacks enable an adversary to infer which website a victim is visiting, even if the victim uses an encrypting proxy, such as Tor. Previous work has shown that all proposed defenses against website fingerprinting attacks are ineffective. This paper advances the study of website fingerprinting defenses by first laying out the complete specifications of the CS-BuFlo scheme outlined by Cai, et al. CS-BuFlo, which is based on the BuFlo defense proposed by Dyer, et al., was not fully-specified by Cai, et al, but has nonetheless attracted the attention of the Tor developers. Next, a full working implementation of CS-BuFlo is provided. Finally, a thorough evaluation of CS-BuFlo is performed using empirical data (rather than data from simulations). Our experiments find that CS-BuFlo has high overhead (around 2.3-2.8x) but can get 6times closer to the bandwidth/security trade-off lower bound than Tor or SSH.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
