Overview
It is rather easy to protect the confidentiality of the contents of messages using encryption techniques. It is fundamentally more difficult to hide the relationship between sender and receiver of messages, though, because addresses may be required for message routing and thus cannot be encrypted. Protecting communication relationships is especially important on the Internet and similar networks as destination addresses often reveal a lot about the actual contents of the messages.
Our goal is to protect users against traffic analysis attacks infringing users' privacy. Those attacks may allow a passive observer on a network to induce communication relationships and contents of messages via pattern matching and classification techniques from the data mining field. Such attacks may constitute a serious risk for users' privacy as they are difficult to detect and counter. We analyse the extent and risks of two particular attacks, namely website fingerprinting attacks, which allow the identification of websites retrieved over an encrypted line, and user linkability attacks, which enable an attacker to track individual users over multiple sessions solely based on the users' characteristic surfing behaviour. Early results indicate that both attacks can be perpetrated under certain circumstances successfully. We measure the effectiveness of the two attacks for various systems and circumstances using real-life datasets.
Designing and deploying countermeasures that protect users from such attacks is challenging: effective protection usually involves additional traffic or considerably delays, which is inacceptable in many cases. Wide-spread adoption of privacy-enhancing techniques depends on good usability and high efficiency, though. We approach this challenge from two sides: on the one hand we analyse the integration of protective measures like padding and dummy traffic into protocols and systems that already exist today; on the other hand we propose next generation systems that are incompatible with legacy technologies, but may offer superior privacy properties to their users.
Website-Fingerprinting Publication and Dataset
You can download the CCSW'09 paper here or from ACM's Digital Library.
Our Website Fingerprinting dataset is now available for download: fingerprints.sql.bz2 (2.8 GB). The data has been prepared for import into a MySQL database. Please contact Dominik Herrmann for instructions on usage and meaning of the data fields.