基于图像纹理的网站指纹技术

doi:10.11772/j.issn.1001-9081.2019111981

计算机应用 ›› 2020, Vol. 40 ›› Issue (6): 1685-1691.DOI: 10.11772/j.issn.1001-9081.2019111981

基于图像纹理的网站指纹技术

张道维, 段海新

清华大学网络与信息安全实验室，北京 100084

收稿日期:2019-11-21 修回日期:2019-12-18 出版日期:2020-06-10 发布日期:2020-06-18
通讯作者: 张道维(1993—)
作者简介:张道维(1993—)，男，台湾台北人，硕士研究生，主要研究方向：网络安全、深度学习.段海新(1972—)，男，山东济宁人，教授，博士，主要研究方向：网络安全、网络测量。

Website fingerprinting technique based on image texture

ZHANG Daowei, DUAN Haixin

Network and Information Security Lab, Tsinghua University, Beijing 100084, China

Received:2019-11-21 Revised:2019-12-18 Online:2020-06-10 Published:2020-06-18
Contact: ZHANG Daowei, born in 1993, M. S. candidate. His research interests include network security, deep learning.
About author:ZHANG Daowei, born in 1993, M. S. candidate. His research interests include network security, deep learning.DUAN Haixin, born in 1972, Ph. D., professor. His research interests include network security，network measurement.

摘要/Abstract

摘要： 网站指纹技术能够让本地监听者通过审查用户与Tor入口节点之间的匿名流量从而追踪到该用户访问的具体网站。现有的研究方法只提取了匿名流量中的部分元数据来进行网站指纹的刻画，忽视了大量隐含的指纹信息。为此，提出了基于图像纹理和深度卷积神经网络的网站指纹技术Image-FP。首先，将匿名通信流量映射成RGB彩色图；然后，使用残差神经网络(ResNet)构造出能进行自主特征学习的网站指纹分类模型。在50个网站构成的封闭世界场景下，Image-FP能够取得97.2%的分类准确率，相较于最前沿的网站指纹攻击技术提高了0.4个百分点。而在更接近真实环境的开放世界场景中，Image-FP能够以100%的准确率识别出监控网站的流量，其准确性和鲁棒性更是远远高于其他指纹技术。实验结果表明，匿名流量图像化的技术能够更多地保留网站指纹的相关特征，并且在避免复杂特征工程的同时，能够进一步提高分类精度。

关键词: 匿名网络, Tor, 网站指纹, 数据可视化, 卷积神经网络

Abstract: Website fingerprinting technique enables the local monitor to track which websites a user is visiting by capturing anonymous traffic between that user and the Tor （The onion router） entry nodes. Prior researches only extract part meta-data in the anonymous traffic to construct website fingerprints, and ignore much hidden fingerprint information inside the traffic. Therefore, a website fingerprinting technique named Image FingerPrinting (Image-FP) and based on deep convolutional neural network and image texture was proposed. Firstly, the anonymous communication traffic was mapped into Red-Green-Blue (RGB) images. Then, the Residual Network (ResNet) was used to construct the website fingerprinting model with automatic feature learning ability. In a closed-world scenario of 50 websites, Image-FP obtained classification accuracy of 97.2%, which is 0.4 percentage points higher than that of the state-of-the-art website fingerprinting attack technique. In the open-world scenario which is more realistic, Image-FP can identify the traffic of monitored websites with 100% accuracy, has the strongest accuracy and robustness among all fingerprinting techniques. The experimental results demonstrate that, the technique of converting anonymous traffic into images can preserve more features relevant to the website fingerprints, and further improve the classification accuracy while avoiding complex feature engineering

Key words: anonymous network, The onion router (Tor), website fingerprinting, data visualization, Convolutional Neural Network (CNN)

中图分类号:

TP393

张道维, 段海新. 基于图像纹理的网站指纹技术[J]. 计算机应用, 2020, 40(6): 1685-1691.

ZHANG Daowei, DUAN Haixin. Website fingerprinting technique based on image texture[J]. Journal of Computer Applications, 2020, 40(6): 1685-1691.

参考文献

1 何高峰,杨明,罗军舟,等.Tor匿名通信流量在线识别方法[J].软件学报,2013,24(3):540-556. HEG F, YANGM, LUOJ Z, et al. Online identification of Tor anonymous communication traffic [J]. Journal of Software, 2013, 24(3): 540-556.
2 何永忠,李响,陈美玲,等.基于云流量混淆的Tor匿名通信识别方法[J].工程科学与技术,2017,49(2):121-132. HEY Z, LIX, CHENM L, et al. Identification of Tor anonymous communication with cloud traffic obfuscation [J]. Advanced Engineering Sciences, 2017, 49(2): 121-132.
3 PERRYM. A critique of website traffic fingerprinting attacks [EB/OL]. [2019-03-22]. https://blog.torproject.org/critique-website-traffic-fingerprinting-attacks.
4 JUAREZM, AFROZS, ACARG, et al. A critical evaluation of website fingerprinting attacks [C]// Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2014: 263-274.
5 HERRMANND, WENDOLSKYR, FEDERRATHH. Website fingerprinting: attacking popular privacy enhancing technologies with the multinomial naïve-Bayes classifier [C]// Proceedings of the 2009 ACM Workshop on Cloud computing security. New York: ACM, 2009: 31-42.
6 PANCHENKOA, NIESSENL, ZINNENA, et al. Website fingerprinting in onion routing based anonymization networks [C]// Proceedings of the 10th Annual ACM Workshop on Privacy in the Electronic Society. New York: ACM, 2011: 103-114.
7 WANGT, CAIX, NITHYANANDR, et al. Effective attacks and provable defenses for website fingerprinting [C]// Proceedings of the 23rd USENIX Security Symposium. Berkeley: USENIX Association, 2014: 143-157.
8 PANCHENKOA, LANZEF, PENNEKAMPJ, et al. Website fingerprinting at internet scale [EB/OL]. [2019-03-22]. https://www.comsys.rwth-aachen.de/fileadmin/papers/2016/2016-panchenko-ndss-fingerprinting.pdf.
9 HAYESJ, DANEZISG. k-fingerprinting: a robust scalable website fingerprinting technique [C]// Proceedings of the 25th USENIX Security Symposium. Berkeley: USENIX Association, 2016: 1187-1203.
10 RIMMERV, PREUVENEERSD, JUAREZM, et al. Automated website fingerprinting through deep learning [EB/OL]. [2019-03-22].https://arxiv.org/pdf/1708.06376.pdf.
11 SIRINAMP, IMANIM, JUAREZM, et al. Deep fingerprinting: undermining website fingerprinting defenses with deep learning [C]// Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2018: 1928-1943.
12 NATARAJL, KARTHIKEYANS, JACOBG, et al. Malware images: visualization and automatic classification [C]// Proceedings of the 8th International Symposium on Visualization for Cyber Security. New York: ACM, 2011: Article No. 4.
13 HEK, ZHANGX, RENS, et al. Deep residual learning for image recognition[C]// Proceedings of the 2016 IEEE Conference on Computer Vision and Pattern Recognition. Piscataway: IEEE, 2016: 770-778.
14 WANGT, GOLDBERGI. On realistically attacking tor with website fingerprinting [J]. Proceedings on Privacy Enhancing Technologies, 2016(4): 21-36.
15 DYERK P, COULLS E, RISTENPARTT, et al. Peek-a-boo, I still see you: why efficient traffic analysis countermeasures fail[C]// Proceedings of the 2012 IEEE Symposium on Security and Privacy. Piscataway: IEEE, 2012: 332-346.
16 CAIX, NITHYANANDR, WANGT, et al. A systematic approach to developing and evaluating website fingerprinting defenses[C]// Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2014: 227-238.
17 JUAREZM, IMANIM, PERRYM, et al. Toward an efficient website fingerprinting defense [C]// Proceedings of the 2016 European Symposium on Research in Computer Security, LNCS 9878. Cham: Springer, 2016: 27-46.
18 WANGT, GOLDBERGI. Walkie-talkie: an efficient defense against passive website fingerprinting attacks [C]// Proceedings of the 26th USENIX Security Symposium. Berkeley: USENIX Association, 2017: 1375-1390.

[1]	王贺兵, 张春梅. 基于非对称卷积-压缩激发-次代残差网络的人脸关键点检测[J]. 计算机应用, 2021, 41(9): 2741-2747.
[2]	宋中山, 梁家锐, 郑禄, 刘振宇, 帖军. 基于双向门控尺度特征融合的遥感场景分类[J]. 计算机应用, 2021, 41(9): 2726-2735.
[3]	李康康, 张静. 基于注意力机制的多层次编码和解码的图像描述模型[J]. 计算机应用, 2021, 41(9): 2504-2509.
[4]	张永斌, 常文欣, 孙连山, 张航. 基于字典的域名生成算法生成域名的检测方法[J]. 计算机应用, 2021, 41(9): 2609-2614.
[5]	赵宏, 孔东一. 图像特征注意力与自适应注意力融合的图像内容中文描述[J]. 计算机应用, 2021, 41(9): 2496-2503.
[6]	徐江浪, 李林燕, 万新军, 胡伏原. 结合目标检测的室内场景识别方法[J]. 计算机应用, 2021, 41(9): 2720-2725.
[7]	牟长宁, 王海鹏, 周丕宇, 侯鑫行. 基于图卷积神经网络的串联质谱从头测序[J]. 计算机应用, 2021, 41(9): 2773-2779.
[8]	曾祥银, 郑伯川, 刘丹. 基于深度卷积神经网络和聚类的左右轨道线检测[J]. 计算机应用, 2021, 41(8): 2324-2329.
[9]	曹玉红, 徐海, 刘荪傲, 王紫霄, 李宏亮. 基于深度学习的医学影像分割研究综述[J]. 计算机应用, 2021, 41(8): 2273-2287.
[10]	秦斌斌, 彭良康, 卢向明, 钱江波. 司机分心驾驶检测研究进展[J]. 计算机应用, 2021, 41(8): 2330-2337.
[11]	黄程程, 董霄霄, 李钊. 基于二维Winograd算法的深流水线5×5卷积方法[J]. 计算机应用, 2021, 41(8): 2258-2264.
[12]	高钦泉, 黄炳城, 刘文哲, 童同. 基于改进CenterNet的竹条表面缺陷检测方法[J]. 计算机应用, 2021, 41(7): 1933-1938.
[13]	谭道强, 曾诚, 乔金霞, 张俊. 基于混合注意力模型的阴影检测方法[J]. 计算机应用, 2021, 41(7): 2076-2081.
[14]	吴则举, 焦翠娟, 陈亮. 基于改进Faster R-CNN的轮胎缺陷检测方法[J]. 计算机应用, 2021, 41(7): 1939-1946.
[15]	杨粟, 欧阳智, 杜逆索. 基于相关度距离的无监督并行哈希图像检索[J]. 计算机应用, 2021, 41(7): 1902-1907.

基于图像纹理的网站指纹技术

Website fingerprinting technique based on image texture

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics