1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
|
\begin{kaupaper}[
author={%
Tobias Pulls and \textbf{Rasmus Dahlberg}
},
title={%
Website Fingerprinting with Website Oracles
},
reference={%
PETS (2020)
},
summary={%
One of the properties Tor aims to provide against local network attackers
is unlinkability between end-users (sender anonymity set) and their
destinations on the Internet (receiver anonymity set). A website
fingerprinting attack aims to break anonymity in this model by inferring
which website an identifiable end-user is visiting based only on the
traffic entering the Tor network. We extend the attacker model for
website fingerprinting attacks by introducing the notion of \emph{website
oracles}. A website oracle answers the following question: was website $w$
visited during time frame $t$? In other words, the attacker can query the
receiver anonymity set for websites that were (not) visited. Our
simulations show that augmenting past website fingerprinting attacks to
include website oracles significantly reduces false positives for all but
the most popular websites, e.g., to the order of $10^{-6}$ for
classifications around Alexa top-10k and much less for the long tail of
sites. Further, some earlier website fingerprinting defenses are largely
ineffective in the (stronger) attacker model that includes website
oracles. We discuss a dozen real-world website oracles ranging from
centralized access logs to widely accessible real-time bidding platforms
and DNS caches, arguing that they are inherent parts of the protocols used
to perform website visits. Therefore, access to a website oracle should
be an assumed attacker capability when evaluating which website
fingerprinting defenses are effective.
},
participation={\vspace{-.25cm}
Tobias is the main author and conducted most of the work. I mainly
contributed by coining the name \emph{website oracle}, evaluating
sources of real-world website oracles, and performing our non-simulated
network experiments.
},
label={
paper:cat
},
]
\maketitle
\begin{abstract}
\input{src/cat/src/abstract}
\end{abstract}
\input{src/cat/src/intro}
\input{src/cat/src/background}
\input{src/cat/src/oracles}
\input{src/cat/src/sources}
\input{src/cat/src/sim}
\input{src/cat/src/wf}
\input{src/cat/src/discussion}
\input{src/cat/src/related}
\input{src/cat/src/conclusions}
\input{src/cat/src/ack}
\bibliographystyle{plain}
\bibliography{src/cat/src/ref-min}
\begin{appendices}
\input{src/cat/src/bayes}
\input{src/cat/src/lessons}
\input{src/cat/src/othersources}
\end{appendices}
\end{kaupaper}
|
