Abstract
Website Fingerprinting (WF) enables an eavesdropper to discover what sites the user is visiting despite the use of a VPN or even the Tor anonymity system. Recent WF attacks on Tor have reached high enough accuracy (up to 98%) to prompt Tor to consider adopting defenses based on packet padding. Defenses such as Walkie-Talkie mainly remove features related to bursts of traffic without affecting packet timing. This was reasonable given that previous research on WF attacks ignored or deemphasized the use of packet timing information. In this thesis, we examine the extent to which packet timing can be used to facilitate WF attacks. In our experiment, we gained up to 61% accuracy on our unprotected dataset, 54% on our WTF-PAD dataset, and 43% on our Walkie-Talkie dataset using only timing-based features in an SVM classifier. Using a convolutional neural network (CNN), we got 88% accuracy on our unprotected dataset, and 76% and 47% accuracy on ourWTF-PAD and Walkie-Talkie dataset respectively. We intend to investigate further to develop an effective and robust WF attack using packet timing.
Library of Congress Subject Headings
Computer crimes--Prevention; Privacy, Right of; Neural networks (Computer science); Convolutions (Mathematics)
Publication Date
8-21-2018
Document Type
Thesis
Student Type
Graduate
Degree Name
Computing Security (MS)
Department, Program, or Center
Department of Computing Security (GCCIS)
Advisor
Matthew Wright
Advisor/Committee Member
Bill Stackpole
Advisor/Committee Member
Leon Reznik
Recommended Citation
Rahman, Mohammad Saidur, "Using Packet Timing Information in Website Fingerprinting" (2018). Thesis. Rochester Institute of Technology. Accessed from
https://repository.rit.edu/theses/9890
Campus
RIT – Main Campus
Plan Codes
COMPSEC-MS
