Abstract:Website fingerprinting technique enables the local monitor to track which websites a user is visiting by capturing anonymous traffic between that user and the Tor (The onion router) entry nodes. Prior researches only extract part meta-data in the anonymous traffic to construct website fingerprints, and ignore much hidden fingerprint information inside the traffic. Therefore, a website fingerprinting technique named Image FingerPrinting (Image-FP) and based on deep convolutional neural network and image texture was proposed. Firstly, the anonymous communication traffic was mapped into Red-Green-Blue (RGB) images. Then, the Residual Network (ResNet) was used to construct the website fingerprinting model with automatic feature learning ability. In a closed-world scenario of 50 websites, Image-FP obtained classification accuracy of 97.2%, which is 0.4 percentage points higher than that of the state-of-the-art website fingerprinting attack technique. In the open-world scenario which is more realistic, Image-FP can identify the traffic of monitored websites with 100% accuracy, has the strongest accuracy and robustness among all fingerprinting techniques. The experimental results demonstrate that, the technique of converting anonymous traffic into images can preserve more features relevant to the website fingerprints, and further improve the classification accuracy while avoiding complex feature engineering
1 何高峰,杨明,罗军舟,等.Tor匿名通信流量在线识别方法[J].软件学报,2013,24(3):540-556. HEG F, YANGM, LUOJ Z, et al. Online identification of Tor anonymous communication traffic [J]. Journal of Software, 2013, 24(3): 540-556. 2 何永忠,李响,陈美玲,等.基于云流量混淆的Tor匿名通信识别方法[J].工程科学与技术,2017,49(2):121-132. HEY Z, LIX, CHENM L, et al. Identification of Tor anonymous communication with cloud traffic obfuscation [J]. Advanced Engineering Sciences, 2017, 49(2): 121-132. 3 PERRYM. A critique of website traffic fingerprinting attacks [EB/OL]. [2019-03-22]. https://blog.torproject.org/critique-website-traffic-fingerprinting-attacks. 4 JUAREZM, AFROZS, ACARG, et al. A critical evaluation of website fingerprinting attacks [C]// Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2014: 263-274. 5 HERRMANND, WENDOLSKYR, FEDERRATHH. Website fingerprinting: attacking popular privacy enhancing technologies with the multinomial naïve-Bayes classifier [C]// Proceedings of the 2009 ACM Workshop on Cloud computing security. New York: ACM, 2009: 31-42. 6 PANCHENKOA, NIESSENL, ZINNENA, et al. Website fingerprinting in onion routing based anonymization networks [C]// Proceedings of the 10th Annual ACM Workshop on Privacy in the Electronic Society. New York: ACM, 2011: 103-114. 7 WANGT, CAIX, NITHYANANDR, et al. Effective attacks and provable defenses for website fingerprinting [C]// Proceedings of the 23rd USENIX Security Symposium. Berkeley: USENIX Association, 2014: 143-157. 8 PANCHENKOA, LANZEF, PENNEKAMPJ, et al. Website fingerprinting at internet scale [EB/OL]. [2019-03-22]. https://www.comsys.rwth-aachen.de/fileadmin/papers/2016/2016-panchenko-ndss-fingerprinting.pdf. 9 HAYESJ, DANEZISG. k-fingerprinting: a robust scalable website fingerprinting technique [C]// Proceedings of the 25th USENIX Security Symposium. Berkeley: USENIX Association, 2016: 1187-1203. 10 RIMMERV, PREUVENEERSD, JUAREZM, et al. Automated website fingerprinting through deep learning [EB/OL]. [2019-03-22].https://arxiv.org/pdf/1708.06376.pdf. 11 SIRINAMP, IMANIM, JUAREZM, et al. Deep fingerprinting: undermining website fingerprinting defenses with deep learning [C]// Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2018: 1928-1943. 12 NATARAJL, KARTHIKEYANS, JACOBG, et al. Malware images: visualization and automatic classification [C]// Proceedings of the 8th International Symposium on Visualization for Cyber Security. New York: ACM, 2011: Article No. 4. 13 HEK, ZHANGX, RENS, et al. Deep residual learning for image recognition[C]// Proceedings of the 2016 IEEE Conference on Computer Vision and Pattern Recognition. Piscataway: IEEE, 2016: 770-778. 14 WANGT, GOLDBERGI. On realistically attacking tor with website fingerprinting [J]. Proceedings on Privacy Enhancing Technologies, 2016(4): 21-36. 15 DYERK P, COULLS E, RISTENPARTT, et al. Peek-a-boo, I still see you: why efficient traffic analysis countermeasures fail[C]// Proceedings of the 2012 IEEE Symposium on Security and Privacy. Piscataway: IEEE, 2012: 332-346. 16 CAIX, NITHYANANDR, WANGT, et al. A systematic approach to developing and evaluating website fingerprinting defenses[C]// Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2014: 227-238. 17 JUAREZM, IMANIM, PERRYM, et al. Toward an efficient website fingerprinting defense [C]// Proceedings of the 2016 European Symposium on Research in Computer Security, LNCS 9878. Cham: Springer, 2016: 27-46. 18 WANGT, GOLDBERGI. Walkie-talkie: an efficient defense against passive website fingerprinting attacks [C]// Proceedings of the 26th USENIX Security Symposium. Berkeley: USENIX Association, 2017: 1375-1390.