Article

Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail

Authors:

Kevin P. Dyer,

Scott E. Coull,

Thomas Ristenpart,

Thomas ShrimptonAuthors Info & Claims

SP '12: Proceedings of the 2012 IEEE Symposium on Security and Privacy

Pages 332 - 346

https://doi.org/10.1109/SP.2012.28

Published: 20 May 2012 Publication History

Abstract

We consider the setting of HTTP traffic over encrypted tunnels, as used to conceal the identity of websites visited by a user. It is well known that traffic analysis (TA) attacks can accurately identify the website a user visits despite the use of encryption, and previous work has looked at specific attack/countermeasure pairings. We provide the first comprehensive analysis of general-purpose TA countermeasures. We show that nine known countermeasures are vulnerable to simple attacks that exploit coarse features of traffic (e.g., total time and bandwidth). The considered countermeasures include ones like those standardized by TLS, SSH, and IPsec, and even more complex ones like the traffic morphing scheme of Wright et al. As just one of our results, we show that despite the use of traffic morphing, one can use only total upstream and downstream bandwidth to identify--with 98% accuracy --which of two websites was visited. One implication of what we find is that, in the context of website identification, it is unlikely that bandwidth-efficient, general-purpose TA countermeasures can ever provide the type of security targeted in prior work.

Cited By

View all

Yu KLi QChen DHu L(2024)Safeguarding User-Centric Privacy in Smart HomesACM Transactions on Internet Technology10.1145/370172624:4(1-33)Online publication date: 18-Nov-2024
https://dl.acm.org/doi/10.1145/3701726
Hayden BWalsh TBarton A(2024)Defending Against Deep Learning-Based Traffic Fingerprinting Attacks With Adversarial ExamplesACM Transactions on Privacy and Security10.1145/369859128:1(1-23)Online publication date: 3-Oct-2024
https://dl.acm.org/doi/10.1145/3698591
Jansen RWails RJohnson AAyday EVaidya J(2024)Repositioning Real-World Website Fingerprinting on TorProceedings of the 23rd Workshop on Privacy in the Electronic Society10.1145/3689943.3695047(124-140)Online publication date: 20-Nov-2024
https://dl.acm.org/doi/10.1145/3689943.3695047
Show More Cited By

Recommendations

Peek-a-boo: i see your smart home activities, even encrypted!
WiSec '20: Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks

A myriad of IoT devices such as bulbs, switches, speakers in a smart home environment allow users to easily control the physical world around them and facilitate their living styles through the sensors already embedded in these devices. Sensor data ...
DynaFlow: An Efficient Website Fingerprinting Defense Based on Dynamically-Adjusting Flows
WPES'18: Proceedings of the 2018 Workshop on Privacy in the Electronic Society

Website fingerprinting attacks enable a local adversary to determine which website a Tor user visits. In recent years, several researchers have proposed defenses to counter these attacks. However, these defenses have shortcomings: many do not provide ...
Protecting traffic privacy for massive aggregated traffic

Traffic analysis has definitely shown that encryption is not enough to protect the privacy of communications implemented over packet networks. The very features of packet traffic, like packet lengths statistics, inter-packet times, volumes of exchanged ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

SP '12: Proceedings of the 2012 IEEE Symposium on Security and Privacy

May 2012

600 pages

ISBN:9780769546810

Publisher

IEEE Computer Society

United States

Publication History

Published: 20 May 2012

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

96
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 22 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Yu KLi QChen DHu L(2024)Safeguarding User-Centric Privacy in Smart HomesACM Transactions on Internet Technology10.1145/370172624:4(1-33)Online publication date: 18-Nov-2024
https://dl.acm.org/doi/10.1145/3701726
Hayden BWalsh TBarton A(2024)Defending Against Deep Learning-Based Traffic Fingerprinting Attacks With Adversarial ExamplesACM Transactions on Privacy and Security10.1145/369859128:1(1-23)Online publication date: 3-Oct-2024
https://dl.acm.org/doi/10.1145/3698591
Jansen RWails RJohnson AAyday EVaidya J(2024)Repositioning Real-World Website Fingerprinting on TorProceedings of the 23rd Workshop on Privacy in the Electronic Society10.1145/3689943.3695047(124-140)Online publication date: 20-Nov-2024
https://dl.acm.org/doi/10.1145/3689943.3695047
Carlson AHasselquist DWitwer EJohansson NCarlsson NAyday EVaidya J(2024)Understanding and Improving Video Fingerprinting Attack Accuracy under Challenging ConditionsProceedings of the 23rd Workshop on Privacy in the Electronic Society10.1145/3689943.3695045(141-154)Online publication date: 20-Nov-2024
https://dl.acm.org/doi/10.1145/3689943.3695045
Guo XYu KLi QChen D(2024)VoiceAttack: Fingerprinting Voice Command on VPN-protected Smart Home SpeakersProceedings of the 11th ACM International Conference on Systems for Energy-Efficient Buildings, Cities, and Transportation10.1145/3671127.3698171(55-65)Online publication date: 29-Oct-2024
https://dl.acm.org/doi/10.1145/3671127.3698171
Gaballah SAbdullah LMühlhäuser MMarky K(2024)Let the Users Choose: Low Latency or Strong Anonymity? Investigating Mix Nodes with Paired Mixing TechniquesProceedings of the 19th International Conference on Availability, Reliability and Security10.1145/3664476.3664516(1-11)Online publication date: 30-Jul-2024
https://dl.acm.org/doi/10.1145/3664476.3664516
Xie YFeng JHuang WZhang YSun XChen XLuo XChua TNgo CKa-Wei Lee RKumar RLauw H(2024)Contrastive Fingerprinting: A Novel Website Fingerprinting Attack over Few-shot TracesProceedings of the ACM Web Conference 202410.1145/3589334.3645575(1203-1214)Online publication date: 13-May-2024
https://dl.acm.org/doi/10.1145/3589334.3645575
Shen MJi KGao ZLi QZhu LXu KCalandrino JTroncoso C(2023)Subverting website fingerprinting defenses with robust traffic representationProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620272(607-624)Online publication date: 9-Aug-2023
https://dl.acm.org/doi/10.5555/3620237.3620272
Nunes VBrás JCarvalho ABarradas DGallagher KSantos N(2023)Enhancing the Unlinkability of Circuit-Based Anonymous Communications with k-FunnelsProceedings of the ACM on Networking10.1145/36291401:CoNEXT3(1-26)Online publication date: 28-Nov-2023
https://dl.acm.org/doi/10.1145/3629140
Kannan TFeamster NHoffmann HMeng WJensen CCremers CKirda E(2023)Prediction Privacy in Distributed Multi-Exit Neural Networks: Vulnerabilities and SolutionsProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security10.1145/3576915.3623069(1123-1137)Online publication date: 15-Nov-2023
https://dl.acm.org/doi/10.1145/3576915.3623069
Show More Cited By

View Options

View options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

Cited By

Recommendations

Peek-a-boo: i see your smart home activities, even encrypted!

DynaFlow: An Efficient Website Fingerprinting Defense Based on Dynamically-Adjusting Flows

Protecting traffic privacy for massive aggregated traffic

Comments

Information

Published In

Publisher

Publication History

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations