TY - GEN
T1 - DFD
AU - Abusnaina, Ahmed
AU - Jang, Rhongho
AU - Khormali, Aminollah
AU - Nyang, Dae Hun
AU - Mohaisen, David
N1 - Funding Information:
ACKNOWLEDGEMENT This research was supported by Grobal Research Laboratory (GRL) Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Science and ICT (NRF-2016K1A1A2912757).
Publisher Copyright:
© 2020 IEEE.
PY - 2020/7
Y1 - 2020/7
N2 - The Onion Router (Tor) is designed to support an anonymous communication through end-to-end encryption. To prevent vulnerability of side channel attacks (e.g. website fingerprinting), dummy packet injection modules have been embedded in Tor to conceal trace patterns that are associated with the individual websites. However, recent study shows that current Website Fingerprinting (WF) defenses still generate patterns that may be captured and recognized by the deep learning technology. In this paper, we conduct in-depth analyses of two state-of-the-art WF defense approaches. Then, based on our new observations and insights, we propose a novel defense mechanism using a per-burst injection technique, called Deep Fingerprinting Defender (DFD), against deep learning-based WF attacks. The DFD has two operation modes, one-way and two-way injection. DFD is designed to break the inherent patterns preserved in Tor user's traces by carefully injecting dummy packets within every burst. We conducted extensive experiments to evaluate the performance of DFD over both closed-world and open-world settings. Our results demonstrate that these two configurations can successfully break the Tor network traffic pattern and achieve a high evasion rate of 86.02% over one-way client-side injection rate of 100%, a promising improvement in comparison with state-of-the-art adversarial trace's evasion rate of 60%. Moreover, DFD outperforms the state-of-the-art alternatives by requiring lower bandwidth overhead; 14.26% using client-side injection.
AB - The Onion Router (Tor) is designed to support an anonymous communication through end-to-end encryption. To prevent vulnerability of side channel attacks (e.g. website fingerprinting), dummy packet injection modules have been embedded in Tor to conceal trace patterns that are associated with the individual websites. However, recent study shows that current Website Fingerprinting (WF) defenses still generate patterns that may be captured and recognized by the deep learning technology. In this paper, we conduct in-depth analyses of two state-of-the-art WF defense approaches. Then, based on our new observations and insights, we propose a novel defense mechanism using a per-burst injection technique, called Deep Fingerprinting Defender (DFD), against deep learning-based WF attacks. The DFD has two operation modes, one-way and two-way injection. DFD is designed to break the inherent patterns preserved in Tor user's traces by carefully injecting dummy packets within every burst. We conducted extensive experiments to evaluate the performance of DFD over both closed-world and open-world settings. Our results demonstrate that these two configurations can successfully break the Tor network traffic pattern and achieve a high evasion rate of 86.02% over one-way client-side injection rate of 100%, a promising improvement in comparison with state-of-the-art adversarial trace's evasion rate of 60%. Moreover, DFD outperforms the state-of-the-art alternatives by requiring lower bandwidth overhead; 14.26% using client-side injection.
UR - http://www.scopus.com/inward/record.url?scp=85090266307&partnerID=8YFLogxK
U2 - 10.1109/INFOCOM41043.2020.9155465
DO - 10.1109/INFOCOM41043.2020.9155465
M3 - Conference contribution
AN - SCOPUS:85090266307
T3 - Proceedings - IEEE INFOCOM
SP - 2459
EP - 2468
BT - INFOCOM 2020 - IEEE Conference on Computer Communications
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 6 July 2020 through 9 July 2020
ER -