A comprehensive analysis of website fingerprinting defenses on Tor

Xi Xiao, Xiang Zhou, Le Yu, Bin Zhang, Qixu Liu, Xiapu Luo

Research output: Journal article publicationJournal articleAcademic researchpeer-review

2 Citations (Scopus)

Abstract

Website fingerprinting (WF) enables eavesdroppers to identify the website a user is visiting by network surveillance, even if the traffic is protected by anonymous communication technologies such as Tor. To avoid this, several defense schemes have been proposed to protect users from the hazard of website fingerprinting attacks. However, some defenses are defeated by new attacks soon since they can not provide provable security guarantees; some defenses can not be deployed in practice since they incur high bandwidth overhead and latency overhead. In this paper, we survey existing WF defense schemes and make a comprehensive analysis. First, we divide WF defenses into four categories and introduce their principles and characteristics separately. Then, we point out some unreasonable settings in previous works and use a new experimental setting to evaluate WF defenses on a public dataset. We find many WF defenses are not as effective as they claim to be. Besides, we investigate the deployment of WF defenses and discuss some potential problems. Finally, we make some suggestions for researchers to design a feasible WF defense and make suggestions for users to protect their privacy.
Original languageEnglish
JournalComputers and Security
Volume136
Issue number103577
Publication statusPublished - Jan 2024

Fingerprint

Dive into the research topics of 'A comprehensive analysis of website fingerprinting defenses on Tor'. Together they form a unique fingerprint.

Cite this