diff options
author | Rasmus Dahlberg <rasmus@rgdd.se> | 2024-10-15 16:08:16 +0200 |
---|---|---|
committer | Rasmus Dahlberg <rasmus@rgdd.se> | 2024-10-15 16:08:16 +0200 |
commit | 385cc92bc91e1a6c3724085c060e76bf40c13ed3 (patch) | |
tree | 26d0a8f81f2caa472830fd40a51844bb202c1355 /summary/src/cat/main.tex |
Import PhD thesis
Diffstat (limited to 'summary/src/cat/main.tex')
-rw-r--r-- | summary/src/cat/main.tex | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/summary/src/cat/main.tex b/summary/src/cat/main.tex new file mode 100644 index 0000000..5dd9d84 --- /dev/null +++ b/summary/src/cat/main.tex @@ -0,0 +1,70 @@ +\begin{kaupaper}[ + author={% + Tobias Pulls and \textbf{Rasmus Dahlberg} + }, + title={% + Website Fingerprinting with Website Oracles + }, + reference={% + PETS (2020) + }, + summary={% + One of the properties Tor aims to provide against local network attackers + is unlinkability between end-users (sender anonymity set) and their + destinations on the Internet (receiver anonymity set). A website + fingerprinting attack aims to break anonymity in this model by inferring + which website an identifiable end-user is visiting based only on the + traffic entering the Tor network. We extend the attacker model for + website fingerprinting attacks by introducing the notion of \emph{website + oracles}. A website oracle answers the following question: was website $w$ + visited during time frame $t$? In other words, the attacker can query the + receiver anonymity set for websites that were (not) visited. Our + simulations show that augmenting past website fingerprinting attacks to + include website oracles significantly reduces false positives for all but + the most popular websites, e.g., to the order of $10^{-6}$ for + classifications around Alexa top-10k and much less for the long tail of + sites. Further, some earlier website fingerprinting defenses are largely + ineffective in the (stronger) attacker model that includes website + oracles. We discuss a dozen real-world website oracles ranging from + centralized access logs to widely accessible real-time bidding platforms + and DNS caches, arguing that they are inherent parts of the protocols used + to perform website visits. Therefore, access to a website oracle should + be an assumed attacker capability when evaluating which website + fingerprinting defenses are effective. + }, + participation={\vspace{-.25cm} + Tobias is the main author and conducted most of the work. I mainly + contributed by coining the name \emph{website oracle}, evaluating + sources of real-world website oracles, and performing our non-simulated + network experiments. + }, + label={ + paper:cat + }, +] + \maketitle + \begin{abstract} + \input{src/cat/src/abstract} + \end{abstract} + + \input{src/cat/src/intro} + \input{src/cat/src/background} + \input{src/cat/src/oracles} + \input{src/cat/src/sources} + \input{src/cat/src/sim} + \input{src/cat/src/wf} + \input{src/cat/src/discussion} + \input{src/cat/src/related} + \input{src/cat/src/conclusions} + \input{src/cat/src/ack} + + \bibliographystyle{plain} + \bibliography{src/cat/src/ref-min} + + \begin{appendices} + \input{src/cat/src/bayes} + \input{src/cat/src/lessons} + \input{src/cat/src/othersources} + \end{appendices} + +\end{kaupaper} |