Website Fingerprinting (WF) enables an eavesdropper to discover what sites the user is visiting despite the use of a VPN or even the Tor anonymity system. Recent WF attacks on Tor have reached high enough accuracy (up to 98%) to prompt Tor to consider adopting defenses based on packet padding. Defenses such as Walkie-Talkie mainly remove features related to bursts of traffic without affecting packet timing. This was reasonable given that previous research on WF attacks ignored or deemphasized the use of packet timing information. In this thesis, we examine the extent to which packet timing can be used to facilitate WF attacks. In our experiment, we gained up to 61% accuracy on our unprotected dataset, 54% on our WTF-PAD dataset, and 43% on our Walkie-Talkie dataset using only timing-based features in an SVM classifier. Using a convolutional neural network (CNN), we got 88% accuracy on our unprotected dataset, and 76% and 47% accuracy on ourWTF-PAD and Walkie-Talkie dataset respectively. We intend to investigate further to develop an effective and robust WF attack using packet timing.

Library of Congress Subject Headings

Computer crimes--Prevention; Privacy, Right of; Neural networks (Computer science); Convolutions (Mathematics)

Publication Date


Document Type


Student Type


Degree Name

Computing Security (MS)

Department, Program, or Center

Department of Computing Security (GCCIS)


Matthew Wright

Advisor/Committee Member

Bill Stackpole

Advisor/Committee Member

Leon Reznik


RIT – Main Campus

Plan Codes