Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

WFCAT: Augmenting Website Fingerprinting with Channel-wise Attention on Timing Features

Jiajun Gong, Wei Cai, Siyuan Liang, Zhong Guan, Tao Wang, Ee-Chien Chang

TL;DR

WF attacks on Tor remain vulnerable to timing-based leakage even under modern defenses. The authors propose WFCAT, which uses an Inter-Arrival Time histogram to encode timing patterns and a multi-scale CNN backbone with channel-wise attention. Across defended and undefended traces, WFCAT outperforms prior attacks, notably achieving 59% accuracy against Surakav in closed-world and strong open-world performance. The work highlights persistent timing leakage and motivates combined defense strategies and adversarial techniques for improved privacy.

Abstract

Website Fingerprinting (WF) aims to deanonymize users on the Tor network by analyzing encrypted network traffic. Recent deep-learning-based attacks show high accuracy on undefended traces. However, they struggle against modern defenses that use tactics like injecting dummy packets and delaying real packets, which significantly degrade classification performance. Our analysis reveals that current attacks inadequately leverage the timing information inherent in traffic traces, which persists as a source of leakage even under robust defenses. Addressing this shortfall, we introduce a novel feature representation named the Inter-Arrival Time (IAT) histogram, which quantifies the frequencies of packet inter-arrival times across predetermined time slots. Complementing this feature, we propose a new CNN-based attack, WFCAT, enhanced with two innovative architectural blocks designed to optimally extract and utilize timing information. Our approach uses kernels of varying sizes to capture multi-scale features, which are then integrated using a weighted sum across all feature channels to enhance the model's efficacy in identifying temporal patterns. Our experiments validate that WFCAT substantially outperforms existing methods on defended traces in both closed- and open-world scenarios. Notably, WFCAT achieves over 59% accuracy against Surakav, a recently developed robust defense, marking an improvement of over 28% and 48% against the state-of-the-art attacks RF and Tik-Tok, respectively, in the closed-world scenario.

WFCAT: Augmenting Website Fingerprinting with Channel-wise Attention on Timing Features

TL;DR

WF attacks on Tor remain vulnerable to timing-based leakage even under modern defenses. The authors propose WFCAT, which uses an Inter-Arrival Time histogram to encode timing patterns and a multi-scale CNN backbone with channel-wise attention. Across defended and undefended traces, WFCAT outperforms prior attacks, notably achieving 59% accuracy against Surakav in closed-world and strong open-world performance. The work highlights persistent timing leakage and motivates combined defense strategies and adversarial techniques for improved privacy.

Abstract

Website Fingerprinting (WF) aims to deanonymize users on the Tor network by analyzing encrypted network traffic. Recent deep-learning-based attacks show high accuracy on undefended traces. However, they struggle against modern defenses that use tactics like injecting dummy packets and delaying real packets, which significantly degrade classification performance. Our analysis reveals that current attacks inadequately leverage the timing information inherent in traffic traces, which persists as a source of leakage even under robust defenses. Addressing this shortfall, we introduce a novel feature representation named the Inter-Arrival Time (IAT) histogram, which quantifies the frequencies of packet inter-arrival times across predetermined time slots. Complementing this feature, we propose a new CNN-based attack, WFCAT, enhanced with two innovative architectural blocks designed to optimally extract and utilize timing information. Our approach uses kernels of varying sizes to capture multi-scale features, which are then integrated using a weighted sum across all feature channels to enhance the model's efficacy in identifying temporal patterns. Our experiments validate that WFCAT substantially outperforms existing methods on defended traces in both closed- and open-world scenarios. Notably, WFCAT achieves over 59% accuracy against Surakav, a recently developed robust defense, marking an improvement of over 28% and 48% against the state-of-the-art attacks RF and Tik-Tok, respectively, in the closed-world scenario.

Paper Structure

This paper contains 20 sections, 4 equations, 8 figures, 5 tables.

Table of Contents

  1. Introduction
  2. Threat Model
  3. Related Work
  4. Website Fingerprinting Attacks
  5. Website Fingerprinting Defenses
  6. Attack Design
  7. Observation and Intuition
  8. A New Trace Representation
  9. Model Architecture
  10. Attack Evaluation
  11. Experiment Setup
  12. Hyperparameter Tuning of WFCAT
  13. Closed-world Evaluation
  14. Open-world Evaluation
  15. Impact of Circuit Bandwidth
  16. ...and 5 more sections

Figures (8)

  • Figure 1: WF attack model.
  • Figure 2: Visualization of IAT histogram computation. In this example, we bin all the cells according to their IAT values (in milliseconds) into $G=3$ distinct bins.
  • Figure 3: WFCAT model's architecture. *The first Conv2d and all Conv1d blocks are our proposed new blocks.
  • Figure 4: Illustration of the first Conv2d block: utilizing multiple kernels for feature extraction at various scales via an Inception block, followed by fusion of features across different channels with learned weights in the SEBlock.
  • Figure 5: Attack performance against various defenses in the open-world scenario. The WFCAT method significantly outperforms the other attacks against all defenses. Note that the x-axis scale may vary across subfigures.
  • ...and 3 more figures