a critical evaluation of website fingerprinting attacks
play

A Critical Evaluation of Website Fingerprinting Attacks Marc Juarez - PowerPoint PPT Presentation

Jul 04, 2023 •180 likes •687 views

A Critical Evaluation of Website Fingerprinting Attacks Marc Juarez 1 Sadia Afroz 2 Gunes Acar 1 Claudia Diaz 1 Rachel Greenstadt 3 1 KU Leuven, ESAT/COSIC and iMinds, Leuven, Belgium 2 UC Berkeley, US 3 Drexel University, US CCS 2014, Scottsdale,

  1. A Critical Evaluation of Website Fingerprinting Attacks Marc Juarez 1 Sadia Afroz 2 Gunes Acar 1 Claudia Diaz 1 Rachel Greenstadt 3 1 KU Leuven, ESAT/COSIC and iMinds, Leuven, Belgium 2 UC Berkeley, US 3 Drexel University, US CCS 2014, Scottsdale, AZ, USA, November 4, 2014

  2. Introduction: how does WF work? Tor Web User Adversary User = Alice Webpage = ?? 2

  3. Why is WF so important? ● Tor as the most advanced anonymity network ● Allows an adversary to discover the browsing history ● Series of successful attacks ● Low cost to the adversary Number of top conference publications on WF (25) 3

  4. Introduction: unrealistic assumptions Tor Client settings : e.g., browsing behaviour Web User Adversary 4

  5. Introduction: unrealistic assumptions Tor Web Adversary : User e.g., replicability Adversary 4

  6. Introduction: unrealistic assumptions Tor Web : e.g., staleness Web User Adversary 4

  7. Contributions ● A critical analysis of the assumptions ● Evaluation of variables that affect accuracy ● An approach to reduce false positives ● A model of the adversary’s cost 5

  8. Methodology ● Based on Wang and Goldberg’s ○ Batches and k-fold cross-validation ○ Fast-levenshtein attack (SVM) ● Comparative experiments ○ Key: isolate variable under evaluation (e.g., TBB version) 6

  9. Comparative experiments: example ● Step 1: ● Step 2: 7

  10. Comparative experiments: example ● Step 1: Train: on data with default value Acc. Control Test: on data with default value ● Step 2: 7

  11. Comparative experiments: example ● Step 1: Train: on data with default value Test: on data with value of interest Acc. Test ● Step 2: 7

  12. Datasets ● Alexa Top Sites ● Active Linguistic Authentication Dataset (ALAD) ○ Real-world users (80 users, 40K unique URLs) ○ Training on Alexa and testing on ALAD? 8

  13. Datasets ● Alexa Top Sites ● Active Linguistic Authentication Dataset (ALAD) ○ Real-world users (80 users, 40K unique URLs) ○ Training on Alexa and testing on ALAD? 45% not in Alexa top 100 Prohibitive number of FPs 8

  14. Experiments: multitab browsing ● FF users use average 2 or 3 tabs 9

  15. Experiments: multitab browsing ● FF users use average 2 or 3 tabs ● Experiment with 2 tabs: 0.5s, 3s, 5s 9

  16. Experiments: multitab browsing ● FF users use average 2 or 3 tabs ● Experiment with 2 tabs: 0.5s, 3s, 5s 9

  17. Experiments: multitab browsing Foreground Foreground Background Background ● FF users use average 2 or 3 tabs ● Experiment with 2 tabs: 0.5s, 3s, 5s ● Background page picked at random 9

  18. Experiments: multitab browsing ● FF users use average 2 or 3 tabs ● Experiment with 2 tabs: 0.5s, 3s, 5s ● Background page picked at random ● Success: detection of either page 9

  19. Experiments: multitab browsing Accuracy for different time gaps Tab 1 Tab 2 77.08% BW Time 9.8% 7.9% 8.23% Control Test (3s) Test (0.5s) Test (5s) 10

  20. Experiments: TBB versions ● Coexisting Tor Browser Bundle (TBB) versions ● Versions: 2.4.7, 3.5 and 3.5.2.1 (changes in RP, etc.) 11

  21. Experiments: TBB versions ● Coexisting Tor Browser Bundle (TBB) versions Latest version of RP ● Versions: 2.4.7, 3.5 and 3.5.2.1 (changes in RP, etc.) 79.58% 66.75% 6.51% Control Test Test (3.5.2.1) (3.5) (2.4.7) 11

  22. Experiments: network conditions VM Leuven VM New York VM Singapore KU Leuven DigitalOcean (virtual private servers) 12

  23. Experiments: network conditions VM Leuven VM New York VM Singapore 66.95% 8.83% Control (LVN) Test (NY) 12

  24. Experiments: network conditions VM Leuven VM New York VM Singapore 66.95% 9.33% Control (LVN) Test (SI) 12

  25. Experiments: network conditions VM Leuven VM New York VM Singapore 76.40% 68.53% Control (SI) Test (NY) 12

  26. Experiments: entry guard config. ● What entry config. works better for training? ● 3 configs.: ○ Fix 1 entry guard ○ Pick entry from a list of 3 entries guards (default) ○ Pick entry from all possible entries guards (Wang and Goldberg) 13

  27. Experiments: entry guard config. Accuracy for different entry guard configurations 70.38% 64.40% 62.70% any 3 entry 1 entry guards guard 14

  28. Experiments: data staleness Staleness of our collected data over 90 days Less than 50% after 9d. Accuracy (%) Time (days) 15

  29. Summary 16

  30. The base rate fallacy: example ● Breathalyzer test: ○ 0.88 identifies truly drunk drivers (true positives) ○ 0.05 false positives ● Alice gives positive in the test ○ What is the probability that she is indeed drunk? ( BDR ) ○ Is it 0.95? Is it 0.88? Something in between? 17

  31. The base rate fallacy: example ● Breathalyzer test: ○ 0.88 identifies truly drunk drivers (true positives) ○ 0.05 false positives ● Alice gives positive in the test ○ What is the probability that she is indeed drunk? ( BDR ) Only 0.1! ○ Is it 0.95? Is it 0.88? Something in between? 17

  32. The base rate fallacy: example ● Circumference represents the world of drivers. ● Each dot represents a driver. 18

  33. The base rate fallacy: example ● 1% of drivers are driving drunk ( base rate or prior ). 19

  34. The base rate fallacy: example ● From drunk people 88% are identified as drunk by the test 20

  35. The base rate fallacy: example ● From the not drunk people, 5% are erroneously identified as drunk 21

  36. The base rate fallacy: example ● Alice must be within the black circumference ● Ratio of red dots within the black circumference: BDR = 7/70 = 0.1 ! 22

  37. The base rate fallacy in WF ● Base rate must be taken into account ● In WF: ○ Blue: webpages ○ Red: monitored ○ Base rate? 23

  38. The base rate fallacy in WF ● Probability of visiting a monitored page? ● “false positives matter a lot” 1 ● Experiment: 35K world 1 Mike Perry, “A Critique of Website Traffic Fingerprinting Attacks”, Tor project Blog, 2013. https://blog. torproject.org/blog/critique-website-traffic-fingerprinting-attacks. 24

  39. Experiment: BDR in a 35K world ● Uniform world ● Non-popular pages from ALAD Size of the world 25

  40. Classify, but verify ● Verification step to test classifier confidence ● Number of FPs reduced 397-42 (400) ● But BDR is still very low for non popular pages 26

  41. Cost for the adversary ● Adversary’s cost will depend on: ○ Number of pages 27

  42. Versions of a page: St Valentine’s doodle Total trace size 10 5 0 700 800 900 1000 1100 (KBytes) 13 Feb 2013 14 Feb 2013 28

  43. Cost for the adversary ● Adversary’s cost will depend on: ○ Number of pages ○ Number of targets 29

  44. Non-targeted attacks Tor Users Web . . . ISP router 30

  45. Cost for the adversary ● Adversary’s cost will depend on: ○ Number of pages ○ Number of targets ○ Training and testing complexities 31

  46. Cost for the adversary ● Adversary’s cost will depend on: ○ Number of pages ○ Number of targets ○ Training and testing complexities ● To maintain a successful WF system is costly 32

  47. Limitations ● We took samples and may not be representative of all possible practical scenarios ● Variables difficult to control ○ Time gap ○ Tor circuit 33

  48. Conclusions ● WF attack fails in realistic conditions ● We do not completely dismiss the attack ● Attack can be enhanced at a greater cost ● Defenses might be cheaper in practice 34

  49. Thank you for your attention. Questions?

Recommend

Website fingerprinting attacks against Tor Browser Bundle: a comparison between HTTP/1.1 and

Website fingerprinting attacks against Tor Browser Bundle: a comparison between HTTP/1.1 and

Tor website fingerprinting Website fingerprinting attacks against Tor Browser Bundle: a comparison between HTTP/1.1 and HTTP/2 T.T.N. Marks BSc. K.C.N. Halvemaan BSc. University of Amsterdam System and Network Engineering Research Project #1

664 views • 32 slides
Website Fingerprinting Attacks and Defenses in the Tor Onion Space Marc Juarez imec-COSIC KU

Website Fingerprinting Attacks and Defenses in the Tor Onion Space Marc Juarez imec-COSIC KU

Website Fingerprinting Attacks and Defenses in the Tor Onion Space Marc Juarez imec-COSIC KU Leuven COSIC Seminar - 23rd October 2017, Leuven Introduction Contents of this presentation: - PETS17: Website Fingerprinting Defenses at

658 views • 44 slides
Website fingerprinting on Tor: attacks and defenses Claudia Diaz KU Leuven Joint work with: Marc

Website fingerprinting on Tor: attacks and defenses Claudia Diaz KU Leuven Joint work with: Marc

Website fingerprinting on Tor: attacks and defenses Claudia Diaz KU Leuven Joint work with: Marc Juarez , Sadia Afroz, Gunes Acar, Rachel Greenstadt, Mohsen Imani, Mike Perry, Matthew Wright Post-Snowden Cryptography Workshop Brussels, December

754 views • 52 slides
k -fingerprinting: a Robust Scalable Website Fingerprinting Technique George Danezis Jamie Hayes

k -fingerprinting: a Robust Scalable Website Fingerprinting Technique George Danezis Jamie Hayes

k -fingerprinting: a Robust Scalable Website Fingerprinting Technique George Danezis Jamie Hayes University College London August 12, 2016 1/24 How does website fingerprinting work? - Training Tor network Relay 2 Adversary Relay 1

988 views • 24 slides
Feature Selection in Website Fingerprinting Junhua Yan Advisor: Prof. Jasleen Kaur July 24,

Feature Selection in Website Fingerprinting Junhua Yan Advisor: Prof. Jasleen Kaur July 24,

Feature Selection in Website Fingerprinting Junhua Yan Advisor: Prof. Jasleen Kaur July 24, 2019 1/23 Website Fingerprinting Goal: determine the visited website by inspecting network traffic on client side client web Figure: Attacker

831 views • 59 slides
Bayes, not Nave Security Bounds on Website Fingerprinting Defenses Giovanni Cherubin Privacy

Bayes, not Nave Security Bounds on Website Fingerprinting Defenses Giovanni Cherubin Privacy

Bayes, not Nave Security Bounds on Website Fingerprinting Defenses Giovanni Cherubin Privacy Enhancing Technologies Symposium Minneapolis, Minnesota, USA 19 July, 2017 @gchers Website Fingerprinting (WF) Encrypted Tunnel Victim

400 views • 20 slides
Lab 5: Shark Attacks, Again! DNA Fingerprinting to the Rescue Notebook Lab Objectives

Lab 5: Shark Attacks, Again! DNA Fingerprinting to the Rescue Notebook Lab Objectives

Lab 5: Shark Attacks, Again! DNA Fingerprinting to the Rescue Notebook Lab Objectives Develop an understanding of the basic techniques used to study genetic polymorphisms encoded in DNA Gain familiarity with Restriction Fragment Length

436 views • 15 slides
Lab 5: Shark Attacks, Again! DNA Fingerprinting to the Rescue Notebook Lab Objectives

Lab 5: Shark Attacks, Again! DNA Fingerprinting to the Rescue Notebook Lab Objectives

Lab 5: Shark Attacks, Again! DNA Fingerprinting to the Rescue Notebook Lab Objectives Develop an understanding of the basic techniques used to study genetic polymorphisms encoded in DNA Gain familiarity with Restriction Fragment Length

659 views • 27 slides
Morellian Analysis for Browsers: Making Web Authentication Stronger With Canvas Fingerprinting

Morellian Analysis for Browsers: Making Web Authentication Stronger With Canvas Fingerprinting

Morellian Analysis for Browsers: Making Web Authentication Stronger With Canvas Fingerprinting Pierre Laperdrix , Gildas Avoine, Benoit Baudry, Nick Nikiforakis DIMVA 2019 In Introduction Web attacks and data breaches 2 Attacks on the

945 views • 66 slides
Website Fingerprinting Attacking Popular Privacy Enhancing Technologies with the Multinomial

Website Fingerprinting Attacking Popular Privacy Enhancing Technologies with the Multinomial

Website Fingerprinting Attacking Popular Privacy Enhancing Technologies with the Multinomial Nave-Bayes Classifier Dominik Herrmann , Hannes Federrath Rolf Wendolsky University of Regensburg, Germany JonDos GmbH Motivation To Whom It May

901 views • 34 slides
using Traffic Analysis Attacks Salini S K What is Traffic Analysis What is Traffic Analysis

using Traffic Analysis Attacks Salini S K What is Traffic Analysis What is Traffic Analysis

Website Fingerprinting using Traffic Analysis Attacks Salini S K What is Traffic Analysis What is Traffic Analysis Wiki says What is Traffic Analysis Wiki says Process of intercepting and examining messages in order to deduce

1.15k views • 41 slides
Website Fingerprinting at Internet Scale Andriy Panchenko 1 , Fabian Lanze 1 , Andreas Zinnen 2 ,

Website Fingerprinting at Internet Scale Andriy Panchenko 1 , Fabian Lanze 1 , Andreas Zinnen 2 ,

Website Fingerprinting at Internet Scale Andriy Panchenko 1 , Fabian Lanze 1 , Andreas Zinnen 2 , Martin Henze 3 , Jan Pennekamp 1 , Klaus Wehrle 3 , Thomas Engel 1 1 Interdisciplinary Centre for Security, Reliability and Trust (SnT), Luxembourg 2

567 views • 23 slides
Website Fingerprinting Defenses at the Application Layer Giovanni Cherubin 1 Jamie Hayes 2 Marc

Website Fingerprinting Defenses at the Application Layer Giovanni Cherubin 1 Jamie Hayes 2 Marc

Website Fingerprinting Defenses at the Application Layer Giovanni Cherubin 1 Jamie Hayes 2 Marc Juarez 3 1 Royal Holloway University of London 2 University College London 3 imec-COSIC KU Leuven 19th July 2017, PETS17, Minneapolis, MN, USA

735 views • 17 slides
Website Fingerprinting Defenses at the Application Layer Giovanni Cherubin 1 Jamie Hayes 2 Marc

Website Fingerprinting Defenses at the Application Layer Giovanni Cherubin 1 Jamie Hayes 2 Marc

Website Fingerprinting Defenses at the Application Layer Giovanni Cherubin 1 Jamie Hayes 2 Marc Juarez 3 1 Royal Holloway University of London 2 University College London 3 KU Leuven, ESAT/COSIC and imec (to appear in PoPETS 2017) Talk in the

532 views • 20 slides
Hold The Door! Fingerprinting Your Car Key to Prevent Keyless Entry Car Theft Kyungho Joo*

Hold The Door! Fingerprinting Your Car Key to Prevent Keyless Entry Car Theft Kyungho Joo*

Hold The Door! Fingerprinting Your Car Key to Prevent Keyless Entry Car Theft Kyungho Joo* Wonsuk Choi* Dong Hoon Lee Korea University * Co-first Authors Outline Introduction Attack Model Our Method Evaluation Discussion

627 views • 34 slides
Hold The Door! Fingerprinting Your Car Key to Prevent Keyless Entry Car Theft Kyungho Joo*

Hold The Door! Fingerprinting Your Car Key to Prevent Keyless Entry Car Theft Kyungho Joo*

Hold The Door! Fingerprinting Your Car Key to Prevent Keyless Entry Car Theft Kyungho Joo* Wonsuk Choi* Dong Hoon Lee Korea University * Co-first Authors Outline Introduction Attack Model Our Method Evaluation Discussion

487 views • 37 slides
OS-SOMMELIER: Memory-Only Operating System Fingerprinting in the Cloud Yufei Gu , Yangchun Fu

OS-SOMMELIER: Memory-Only Operating System Fingerprinting in the Cloud Yufei Gu , Yangchun Fu

Motivation State-of-the-Art Detailed Design Evaluation Conclusion OS-SOMMELIER: Memory-Only Operating System Fingerprinting in the Cloud Yufei Gu , Yangchun Fu , Aravind Prakash Dr. Zhiqiang Lin , Dr. Heng Yin

860 views • 74 slides
CO 447 | LEC6 BLOCKCHAIN SECURITY Dr. Benjamin Livshits Stateless Fingerprinting 2 EFF

CO 447 | LEC6 BLOCKCHAIN SECURITY Dr. Benjamin Livshits Stateless Fingerprinting 2 EFF

CO 447 | LEC6 BLOCKCHAIN SECURITY Dr. Benjamin Livshits Stateless Fingerprinting 2 EFF Fingerprinting Tester https://panopticlick.eff.org 3 Panopticlick Testing 4 IE Brave Fingerprinting Components 5

1.28k views • 78 slides
Acoustic Fingerprinting Soundz Jake Runzer June 28, 2018 Jake Runzer Acoustic Fingerprinting

Acoustic Fingerprinting Soundz Jake Runzer June 28, 2018 Jake Runzer Acoustic Fingerprinting

Acoustic Fingerprinting Soundz Jake Runzer June 28, 2018 Jake Runzer Acoustic Fingerprinting June 28, 2018 1 / 35 Outline What is Acoustic Fingerprinting 1 Fingerprinting for Music Identification 2 Spectrograms 3 History 4 My

743 views • 35 slides
RESEARCH PROJECT PREVENTING MOST COMMON ATTACKS ON CRITICAL INFRASTRUCTURES Wouter Miltenburg

RESEARCH PROJECT PREVENTING MOST COMMON ATTACKS ON CRITICAL INFRASTRUCTURES Wouter Miltenburg

RP#80 RESEARCH PROJECT PREVENTING MOST COMMON ATTACKS ON CRITICAL INFRASTRUCTURES Wouter Miltenburg & Koen Veelenturf University of Amsterdam Students Master System and Network Engineering Supervisors: Jaya Baloo & Oscar Koeroo

314 views • 14 slides
Fingerprinting hardware devices Fingerprinting hardware devices using clock-skewing using

Fingerprinting hardware devices Fingerprinting hardware devices using clock-skewing using

Fingerprinting hardware devices Fingerprinting hardware devices using clock-skewing using clock-skewing Renaud Lifchitz renaud.lifchitz@gmail.com #HES2010 8,9,10 April 2010 Paris, France Presenter's bio French computer security

644 views • 35 slides
EXPERIMENTAL EVALUATION OF TWO SOFTWARE COUNTERMEASURES AGAINST FAULT ATTACKS Nicolas Moro 1,3 ,

EXPERIMENTAL EVALUATION OF TWO SOFTWARE COUNTERMEASURES AGAINST FAULT ATTACKS Nicolas Moro 1,3 ,

EXPERIMENTAL EVALUATION OF TWO SOFTWARE COUNTERMEASURES AGAINST FAULT ATTACKS Nicolas Moro 1,3 , Karine Heydemann 3 , Amine Dehbaoui 2 , Bruno Robisson 1 , Emmanuelle Encrenaz 3 1 CEA Commissariat lEnergie Atomique et aux Energies

679 views • 22 slides
DYNAMIC WEBSITE PERSONALIZATION AGENDA Defining dynamic website personalization Why

DYNAMIC WEBSITE PERSONALIZATION AGENDA Defining dynamic website personalization Why

CREATE CUSTOM EXPERIENCES WITH DYNAMIC WEBSITE PERSONALIZATION AGENDA Defining dynamic website personalization Why its becoming a critical component of your website Nobody knows your customers like you, put that knowledge to

154 views • 11 slides
Web Attacks Deian Stefan Slides from Zakir Durumeric and Dan Boneh OWASP Ten Most Critical Web

Web Attacks Deian Stefan Slides from Zakir Durumeric and Dan Boneh OWASP Ten Most Critical Web

Web Attacks Deian Stefan Slides from Zakir Durumeric and Dan Boneh OWASP Ten Most Critical Web Security Risks https://github.com/OWASP/Top10/blob/master/2017/OWASP%20Top%2010-2017%20(en).pdf Today

998 views • 78 slides

More recommend