Website fingerprinting on early QUIC traffic
- URL: http://arxiv.org/abs/2101.11871v2
- Date: Mon, 15 Nov 2021 14:27:42 GMT
- Title: Website fingerprinting on early QUIC traffic
- Authors: Pengwei Zhan, Liming Wang, Yi Tang
- Abstract summary: We study the vulnerabilities of GQUIC, IQUIC, and HTTPS to WFP attacks from the perspective of traffic analysis.
GQUIC is the most vulnerable to WFP attacks among GQUIC, IQUIC, and HTTPS, while IQUIC is more vulnerable than HTTPS, but the vulnerability of the three protocols is similar in the normal full traffic scenario.
- Score: 12.18618920843956
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Cryptographic protocols have been widely used to protect the user's privacy
and avoid exposing private information. QUIC (Quick UDP Internet Connections),
including the version originally designed by Google (GQUIC) and the version
standardized by IETF (IQUIC), as alternatives to the traditional HTTP,
demonstrate their unique transmission characteristics: based on UDP for
encrypted resource transmitting, accelerating web page rendering. However,
existing encrypted transmission schemes based on TCP are vulnerable to website
fingerprinting (WFP) attacks, allowing adversaries to infer the users' visited
websites by eavesdropping on the transmission channel. Whether GQUIC and IQUIC
can effectively resist such attacks is worth investigating. In this paper, we
study the vulnerabilities of GQUIC, IQUIC, and HTTPS to WFP attacks from the
perspective of traffic analysis. Extensive experiments show that, in the early
traffic scenario, GQUIC is the most vulnerable to WFP attacks among GQUIC,
IQUIC, and HTTPS, while IQUIC is more vulnerable than HTTPS, but the
vulnerability of the three protocols is similar in the normal full traffic
scenario. Features transferring analysis shows that most features are
transferable between protocols when on normal full traffic scenario. However,
combining with the qualitative analysis of latent feature representation, we
find that the transferring is inefficient when on early traffic, as GQUIC,
IQUIC, and HTTPS show the significantly different magnitude of variation in the
traffic distribution on early traffic. By upgrading the one-time WFP attacks to
multiple WFP Top-a attacks, we find that the attack accuracy on GQUIC and IQUIC
reach 95.4% and 95.5%, respectively, with only 40 packets and just using simple
features, whereas reach only 60.7% when on HTTPS. We also demonstrate that the
vulnerability of IQUIC is only slightly dependent on the network environment.
Related papers
- Securing the Web: Analysis of HTTP Security Headers in Popular Global Websites [2.7039386580759666]
Over half of the websites examined (55.66%) received a dismal security grade of 'F'
These low scores expose multiple issues such as weak implementation of Content Security Policies (CSP), neglect of HSTS guidelines, and insufficient application of Subresource Integrity (SRI)
arXiv Detail & Related papers (2024-10-19T01:03:59Z) - Toward Mixture-of-Experts Enabled Trustworthy Semantic Communication for 6G Networks [82.3753728955968]
We introduce a novel Mixture-of-Experts (MoE)-based SemCom system.
This system comprises a gating network and multiple experts, each specializing in different security challenges.
The gating network adaptively selects suitable experts to counter heterogeneous attacks based on user-defined security requirements.
A case study in vehicular networks demonstrates the efficacy of the MoE-based SemCom system.
arXiv Detail & Related papers (2024-09-24T03:17:51Z) - Seamless Website Fingerprinting in Multiple Environments [4.226243782049956]
Website fingerprinting (WF) attacks identify the websites visited over anonymized connections.
We introduce a new approach that classifies entire websites rather than individual web pages.
Our Convolutional Neural Network (CNN) uses only the jitter and size of 500 contiguous packets from any point in a TCP stream.
arXiv Detail & Related papers (2024-07-28T02:18:30Z) - Rethinking the Vulnerabilities of Face Recognition Systems:From a Practical Perspective [53.24281798458074]
Face Recognition Systems (FRS) have increasingly integrated into critical applications, including surveillance and user authentication.
Recent studies have revealed vulnerabilities in FRS to adversarial (e.g., adversarial patch attacks) and backdoor attacks (e.g., training data poisoning)
arXiv Detail & Related papers (2024-05-21T13:34:23Z) - A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure.
This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus.
We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z) - Tamper-Evident Pairing [55.2480439325792]
Tamper-Evident Pairing (TEP) is an improvement of the Push-Button configuration (PBC) standard.
TEP relies on the Tamper-Evident Announcement (TEA), which guarantees that an adversary can neither tamper a transmitted message without being detected, nor hide the fact that the message has been sent.
This paper provides a comprehensive overview of the TEP protocol, including all information needed to understand how it works.
arXiv Detail & Related papers (2023-11-24T18:54:00Z) - Application-layer Characterization and Traffic Analysis for Encrypted QUIC Transport Protocol [14.40132345175898]
We propose a novel rule-based approach to estimate the application-level traffic attributes without decrypting QUIC packets.
Based on the size, timing, and direction information, our proposed algorithm analyzes the associated network traffic.
The inferred HTTP attributes can be used to evaluate the QoE of application-layer services and identify the service categories for traffic classification in the encrypted QUIC connections.
arXiv Detail & Related papers (2023-10-10T20:09:46Z) - Breaking On-Chip Communication Anonymity using Flow Correlation Attacks [2.977255700811213]
We investigate the security strength of existing anonymous routing protocols in Network-on-Chip (NoC) architectures.
We show that the existing anonymous routing is vulnerable to machine learning (ML) based flow correlation attacks on NoCs.
We propose lightweight anonymous routing with traffic obfuscation techniques to defend against ML-based flow correlation attacks.
arXiv Detail & Related papers (2023-09-27T14:32:39Z) - Efficient and Low Overhead Website Fingerprinting Attacks and Defenses
based on TCP/IP Traffic [16.6602652644935]
Website fingerprinting attacks based on machine learning and deep learning tend to use the most typical features to achieve a satisfactory performance of attacking rate.
To defend against such attacks, random packet defense (RPD) with a high cost of excessive network overhead is usually applied.
We propose a filter-assisted attack against RPD, which can filter out the injected noises using the statistical characteristics of TCP/IP traffic.
We further improve the list-based defense by a traffic splitting mechanism, which can combat the mentioned attacks as well as save a considerable amount of network overhead.
arXiv Detail & Related papers (2023-02-27T13:45:15Z) - Measurement-driven Security Analysis of Imperceptible Impersonation
Attacks [54.727945432381716]
We study the exploitability of Deep Neural Network-based Face Recognition systems.
We show that factors such as skin color, gender, and age, impact the ability to carry out an attack on a specific target victim.
We also study the feasibility of constructing universal attacks that are robust to different poses or views of the attacker's face.
arXiv Detail & Related papers (2020-08-26T19:27:27Z) - A Self-supervised Approach for Adversarial Robustness [105.88250594033053]
Adversarial examples can cause catastrophic mistakes in Deep Neural Network (DNNs) based vision systems.
This paper proposes a self-supervised adversarial training mechanism in the input space.
It provides significant robustness against the textbfunseen adversarial attacks.
arXiv Detail & Related papers (2020-06-08T20:42:39Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.