Table of Contents
Fetching ...

End-to-End Multi-Tab Website Fingerprinting Attack: A Detection Perspective

Mantun Chen, Yongxin Chen, Yongjun Wang, Peidai Xie, Shaojing Fu, Xiatian Zhu

TL;DR

A novel Website Fingerprint Detection (WFD) model capable of detecting accurately the start and end points of all the monitored traces and classifying them jointly, given long, untrimmed raw traffic data, is formulated.

Abstract

Website fingerprinting attack (WFA) aims to deanonymize the website a user is visiting through anonymous networks channels (e.g., Tor). Despite of remarkable progress in the past years, most existing methods make implicitly a couple of artificial assumptions that (1) only a single website (i.e., single-tab) is visited each time, and (2) website fingerprinting data are pre-trimmed into a single trace per website manually. In reality, a user often open multiple tabs for multiple websites spontaneously. Indeed, this multi-tab WFA (MT-WFA) setting has been studied in a few recent works, but all of them still fail to fully respect the real-world situations. In particular, the overlapping challenge between website fingerprinting has never been investigated in depth. In this work, we redefine the problem of MT-WFA as detecting multiple monitored traces, given a natural untrimmed traffic data including monitored traces, unmonitored traces, and potentially unconstrained overlapping between them. This eliminates the above assumptions, going beyond the conventional single website fingerprint classification perspective taken by all previous WFA methods. To tackle this realistic MT-WFA problem, we formulate a novel Website Fingerprint Detection (WFD) model capable of detecting accurately the start and end points of all the monitored traces and classifying them jointly, given long, untrimmed raw traffic data. WFD is end-to-end, with the trace localization and website classification integrated in a single unified pipeline. To enable quantitative evaluation in our MT-WFA setting, we introduce new performance metrics. Extensive experiments on several newly constructed benchmarks show that our WFD outperforms the state-of-the-art alternative methods in both accuracy and efficiency by a large margin, even with a very small training set. Code is available at https://github.com/WFDetector/WFDetection

End-to-End Multi-Tab Website Fingerprinting Attack: A Detection Perspective

TL;DR

A novel Website Fingerprint Detection (WFD) model capable of detecting accurately the start and end points of all the monitored traces and classifying them jointly, given long, untrimmed raw traffic data, is formulated.

Abstract

Website fingerprinting attack (WFA) aims to deanonymize the website a user is visiting through anonymous networks channels (e.g., Tor). Despite of remarkable progress in the past years, most existing methods make implicitly a couple of artificial assumptions that (1) only a single website (i.e., single-tab) is visited each time, and (2) website fingerprinting data are pre-trimmed into a single trace per website manually. In reality, a user often open multiple tabs for multiple websites spontaneously. Indeed, this multi-tab WFA (MT-WFA) setting has been studied in a few recent works, but all of them still fail to fully respect the real-world situations. In particular, the overlapping challenge between website fingerprinting has never been investigated in depth. In this work, we redefine the problem of MT-WFA as detecting multiple monitored traces, given a natural untrimmed traffic data including monitored traces, unmonitored traces, and potentially unconstrained overlapping between them. This eliminates the above assumptions, going beyond the conventional single website fingerprint classification perspective taken by all previous WFA methods. To tackle this realistic MT-WFA problem, we formulate a novel Website Fingerprint Detection (WFD) model capable of detecting accurately the start and end points of all the monitored traces and classifying them jointly, given long, untrimmed raw traffic data. WFD is end-to-end, with the trace localization and website classification integrated in a single unified pipeline. To enable quantitative evaluation in our MT-WFA setting, we introduce new performance metrics. Extensive experiments on several newly constructed benchmarks show that our WFD outperforms the state-of-the-art alternative methods in both accuracy and efficiency by a large margin, even with a very small training set. Code is available at https://github.com/WFDetector/WFDetection
Paper Structure (37 sections, 7 equations, 8 figures, 10 tables)

This paper contains 37 sections, 7 equations, 8 figures, 10 tables.

Figures (8)

  • Figure 1: Illustration of data flow between a user and several websites with a Tor network in-between, producing single-tab or multi-tab traces traces. Especially, we consider an attacker taps on the key router and carries out a large-scale real-time WFA, including ST-WFA and MT-WFA. Suppose Google is one monitored website, we aim to detect all traces with Google website.
  • Figure 2: Illustration of full traces and trace segments: single-tab trace, multi-tab trace (consecutive or overlapped), ground-truth (clean or mixed), candidate trace, and the Intersection and Union of IoUT. In this example, we consider Google (red) as one monitored website, and Amazon (green) and Bing (grey) as unmonitored ones.
  • Figure 3: Schematic overview of the proposed Website Fingerprinting Detection (WFD) model. WFD solves the MT-WFA problem by jointly optimizing the classification task and location task end to end. Firstly, the feature extractor $\theta_{fe}$ down-samples an input multi-tab trace to a $m$-length feature vector sequence. Each feature vector corresponds to a cell segment. For each cell segment, $n$ anchor segments are placed. Then, the scale encoder $\theta_{se}$ learns rich information at different scales. With the position offsets and website probabilities predicted by the regression head $\theta_{reg}$ and the classification head $\theta_{cls}$, $m\times n$ anchor segments are converted into $m \times n$ proposal segments. In model training, we match these proposed segments with the ground-truths, and obtain $J$ positive segments and $K$ negative segments. All these segments are used to calculate the classification loss. However, only the positive segments are used for the calculation of regression loss. The summed loss is used for model parameter update via SGD.
  • Figure 4: Evaluating the effect of single-tab trace number ($\ell$) in each multi-tab trace on DS-19$_{mt}$. Metrics: precision (%), recall (%), and mAP (%).
  • Figure 7: Evaluating the effect of the percentage of clean trace segments on DS-19$_{mt}$. Metrics: precision (%), recall (%), and mAP (%).
  • ...and 3 more figures

Theorems & Definitions (9)

  • Definition 1
  • Definition 2
  • Definition 3
  • Definition 4
  • Definition 5
  • Definition 6
  • Definition 7
  • Definition 8
  • Definition 9